An adaptive secure and practical data sharing system with verifiable outsourced decryption

Publication Type

Journal Article

Publication Date

6-2024

Abstract

Cloud computing is the widespread acceptance of a promising paradigm offering a substantial amount of storage and data services on demand. To preserve data confidentiality, many cryptosystems have been introduced. However, current solutions are incompatible with the resource-constrained end-devices because of a variety of vulnerabilities in terms of practicality and security. In this article, we propose a practical and secure data-sharing system by introducing a new design of attribute-based encryption with verifiable outsourced decryption-attribute-based encryption (VO-ABE for short). Our system offers: (1) data sharing at a fine-grained level; (2) a scalable key issuing protocol without any secure channel; (3) a verifiable outsourced decryption mechanism for resource-constrained end-devices against the malicious cloud service provider; and (4) adaptive security against the real-world attacks. To formalize our solution with cryptographic analysis, we present the formal definition of VO-ABE and its concrete construction with provable security. In particular, our design leverages the techniques of the traditional ABE, verifiable outsourced decryption, and randomness extractor to support fine-grained access control, cost-effective data sharing, and security assurance with high entropy. Moreover, our design is provably secure in the adaptive model under the standard assumption, which offers a stronger security guarantee since the state-of-the-art solution is selectively secure under the non-standard assumption and suffers from a variety of real-world attacks. The implementation and evaluation demonstrate that our solution enjoys superior functionality and better performance than the relevant solutions. More importantly, our solution is compatible with the resource-constrained end-devices since the decryption mechanism takes around 1.1 ms and is 22.7x faster than the state-of-the-art solution.

Keywords

Security, Access control, Standards, Encryption, Data models, Adaptive systems, Cloud computing, Adaptive security, fine-grained access control, verifiable outsourced decryption

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Services Computing

Volume

17

Issue

3

First Page

776

Last Page

788

ISSN

1939-1374

Identifier

10.1109/TSC.2023.3321314

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TSC.2023.3321314

This document is currently not available here.

Share

COinS