An adaptive secure and practical data sharing system with verifiable outsourced decryption
Publication Type
Journal Article
Publication Date
6-2024
Abstract
Cloud computing is the widespread acceptance of a promising paradigm offering a substantial amount of storage and data services on demand. To preserve data confidentiality, many cryptosystems have been introduced. However, current solutions are incompatible with the resource-constrained end-devices because of a variety of vulnerabilities in terms of practicality and security. In this article, we propose a practical and secure data-sharing system by introducing a new design of attribute-based encryption with verifiable outsourced decryption-attribute-based encryption (VO-ABE for short). Our system offers: (1) data sharing at a fine-grained level; (2) a scalable key issuing protocol without any secure channel; (3) a verifiable outsourced decryption mechanism for resource-constrained end-devices against the malicious cloud service provider; and (4) adaptive security against the real-world attacks. To formalize our solution with cryptographic analysis, we present the formal definition of VO-ABE and its concrete construction with provable security. In particular, our design leverages the techniques of the traditional ABE, verifiable outsourced decryption, and randomness extractor to support fine-grained access control, cost-effective data sharing, and security assurance with high entropy. Moreover, our design is provably secure in the adaptive model under the standard assumption, which offers a stronger security guarantee since the state-of-the-art solution is selectively secure under the non-standard assumption and suffers from a variety of real-world attacks. The implementation and evaluation demonstrate that our solution enjoys superior functionality and better performance than the relevant solutions. More importantly, our solution is compatible with the resource-constrained end-devices since the decryption mechanism takes around 1.1 ms and is 22.7x faster than the state-of-the-art solution.
Keywords
Security, Access control, Standards, Encryption, Data models, Adaptive systems, Cloud computing, Adaptive security, fine-grained access control, verifiable outsourced decryption
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Services Computing
Volume
17
Issue
3
First Page
776
Last Page
788
ISSN
1939-1374
Identifier
10.1109/TSC.2023.3321314
Publisher
Institute of Electrical and Electronics Engineers
Citation
XU, Shengmin; HAN, Xingshuo; XU, Guowen; NING, Jianting; HUANG, Xinyi; and DENG, Robert H..
An adaptive secure and practical data sharing system with verifiable outsourced decryption. (2024). IEEE Transactions on Services Computing. 17, (3), 776-788.
Available at: https://ink.library.smu.edu.sg/sis_research/8965
Additional URL
https://doi.org/10.1109/TSC.2023.3321314