|
|
ABDKS: attribute-based encryption with dynamic keyword search in fog computing |
Fei MENG1,2, Leixiao CHENG3, Mingqiang WANG1,2() |
1. School of Mathematics, Shandong University, Jinan 250100, China 2. Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Jinan 250100, China 3. School of Mathematical Sciences, Fudan University, Shanghai 200433, China |
|
|
Abstract Attribute-based encryption with keyword search (ABKS) achieves both fine-grained access control and keyword search. However, in the previous ABKS schemes, the search algorithm requires that each keyword to be identical between the target keyword set and the ciphertext keyword set, otherwise the algorithm does not output any search result, which is not conducive to use. Moreover, the previous ABKS schemes are vulnerable to what we call a peer-decryption attack, that is, the ciphertext may be eavesdropped and decrypted by an adversary who has sufficient authorities but no information about the ciphertext keywords. In this paper, we provide a new system in fog computing, the ciphertext-policy attribute-based encryption with dynamic keyword search (ABDKS). In ABDKS, the search algorithm requires only one keyword to be identical between the two keyword sets and outputs the corresponding correlation which reflects the number of the same keywords in those two sets. In addition, our ABDKS is resistant to peer-decryption attack, since the decryption requires not only sufficient authority but also at least one keyword of the ciphertext. Beyond that, the ABDKS shifts most computational overheads from resource constrained users to fog nodes. The security analysis shows that the ABDKS can resist Chosen-PlaintextAttack (CPA) and Chosen-Keyword Attack (CKA).
|
Keywords
access control
attribute-based encryption
keyword search
fog computing
outsourcing
|
Corresponding Author(s):
Mingqiang WANG
|
Just Accepted Date: 02 April 2020
Issue Date: 10 May 2021
|
|
1 |
F Bonomi, R A Milito, J Zhu, S Addepalli. Fog computing and its role in the internet of things. In: Proceedings of the 1st Edition of the MCC Workshop on Mobile Cloud Computing. 2012, 13–16
https://doi.org/10.1145/2342509.2342513
|
2 |
S Ivan, S Wen. The fog computing paradigm: scenarios and security issues. In: Proceedings of Federated Conference on Computer Science and Information Systems. 2014, 1–8
|
3 |
S Yi, C Li, Q Li. A survey of fog computing: concepts, applications and issues. In: Proceedings of Workshop on Mobile Big Data. 2015, 37–42
https://doi.org/10.1145/2757384.2757397
|
4 |
I Stojmenovic, S Wen, X Huang, H Luan. An overview of fog computing and its security issues. Concurrency and Computation: Practice and Experience, 2016, 28(10): 2991–3005
https://doi.org/10.1002/cpe.3485
|
5 |
A Sahai, B Waters. Fuzzy identity-based encryption. In: Cramer R, eds. Advances in Cryptology — EUROCRYPT 2005, Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2005, 457–473
https://doi.org/10.1007/11426639_27
|
6 |
Q Zheng, S Xu, G Ateniese. VABKS: verifiable attribute-based keyword search over outsourced encrypted data. In: Proceedings of IEEE Conference on Computer Communications. 2014, 522–530
https://doi.org/10.1109/INFOCOM.2014.6847976
|
7 |
W Sun, S Yu, W Lou, Y T Hou, H Li. Protecting your right: verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. IEEE Transactions on Parallel and Distributed Systems, 2016, 27(4): 1187–1198
https://doi.org/10.1109/TPDS.2014.2355202
|
8 |
M Green, S Hohenberger, B Waters. Outsourcing the decryption of ABE ciphertexts. In: Proceedings of USENIX Security Symposium. 2011
|
9 |
M Xiao, J Zhou, X Liu, M Jiang. A hybrid scheme for fine-grained search and access authorization in fog computing environment. Sensors, 2017, 17(6): 1423
https://doi.org/10.3390/s17061423
|
10 |
Y Miao, J Ma, X Liu, J Weng, H Li, H Li. Lightweight fine-grained search over encrypted data in fog computing. IEEE Transactions on Services Computing, 2019, 12(5): 772–785
https://doi.org/10.1109/TSC.2018.2823309
|
11 |
J Li, Y Shi, Y Zhang. Searchable ciphertext-policy attribute-based encryption with revocation in cloud storage. International Journal of Communication Systems, 2017, 30(1): e2942
https://doi.org/10.1002/dac.2942
|
12 |
V Goyal, O Pandey, A Sahai, B Waters. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of ACM Conference on Computer and Communications Security. 2006, 89–98
https://doi.org/10.1145/1180405.1180418
|
13 |
J Bethencourt, A Sahai, B Waters. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy. 2007, 321–334
https://doi.org/10.1109/SP.2007.11
|
14 |
L Cheung, C C Newport. Provably secure ciphertext policy ABE. In: Proceedings of ACM Conference on Computer and Communications Security. 2007, 456–465
https://doi.org/10.1145/1315245.1315302
|
15 |
M Horváth. Attribute-based encryption optimized for cloud computing. In: Margaria-Steffen T, Pokorný J, Quisquater J J, Wattenhofer R, eds. SOFSEM 2015: Theory and Practice of Computer Science. Springer, Berlin, Heidelberg, 2015, 566–577
https://doi.org/10.1007/978-3-662-46078-8_47
|
16 |
S Wang, J Zhou, J K Liu, J Yu, J Chen, W Xie. An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Transactions on Information Forensics and Security, 2016, 11(6): 1265–1277
https://doi.org/10.1109/TIFS.2016.2523941
|
17 |
J Li, Q Yu, Y Zhang. Hierarchical attribute based encryption with continuous leakage-resilience. Information Sciences, 2019, 484: 113–134
https://doi.org/10.1016/j.ins.2019.01.052
|
18 |
L Cheng, F Meng, X Meng, Q Zhang. Akc-based revocable ABE schemes from LWE assumption. Security and Communication Networks, 2020
https://doi.org/10.1155/2020/8834872
|
19 |
J Li, X Huang, J Li, X Chen, Y Xiang. Securely outsourcing attributebased encryption with checkability. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(8): 2201–2210
https://doi.org/10.1109/TPDS.2013.271
|
20 |
R Zhang, H Ma, Y Lu. Fine-grained access control system based on fully outsourced attribute-based encryption. Journal of Systems and Software, 2017, 125: 344–353
https://doi.org/10.1016/j.jss.2016.12.018
|
21 |
J Li, W Yao, Y Zhang, H Qian, J Han. Flexible and fine-grained attributebased data storage in cloud computing. IEEE Transactions on Services Computing, 2017, 10(5): 785–796
https://doi.org/10.1109/TSC.2016.2520932
|
22 |
J Li, Y Wang, Y Zhang, J Han. Full verifiability for outsourced decryption in attribute based encryption. IEEE Transactions on Services Computing, 2017, 13(3): 478–487
https://doi.org/10.1109/TSC.2017.2710190
|
23 |
C Zuo, J Shao, G Wei, M Xie, M Ji. CCA-secure ABE with outsourced decryption for fog computing. Future Generation Computer Systems, 2018, 78: 730–738
https://doi.org/10.1016/j.future.2016.10.028
|
24 |
P Zhang, Z Chen, J K Liu, K Liang, H Liu. An efficient access control scheme with outsourcing capability and attribute update for fog computing. Future Generation Computer Systems, 2018, 78: 753–762
https://doi.org/10.1016/j.future.2016.12.015
|
25 |
D X Song, D A Wagner, A Perrig. Practical techniques for searches on encrypted data. In: Proceedings of IEEE Symposium on Security and Privacy. 2000, 44–55
|
26 |
D Boneh, G D Crescenzo, R Ostrovsky, G Persiano. Public key encryption with keyword search. In: Cachin C, Camenisch J L, eds. Advances in Cryptology — EUROCRYPT 2004. Springer, Berlin, Heidelbery, 2004, 506–522
https://doi.org/10.1007/978-3-540-24676-3_30
|
27 |
H Wang, X Dong, Z Cao, D Li. Secure and efficient attribute-based encryption with keyword search. The Computer Journal, 2018, 61(8): 1133–1142
https://doi.org/10.1093/comjnl/bxy031
|
28 |
N Cao, C Wang, M Li, K Ren, W Lou. Privacy-preserving multi-keyword ranked search over encrypted cloud data. In: Proceedings of IEEE International Conference on Computer Communications. 2011, 829–837
https://doi.org/10.1109/INFCOM.2011.5935306
|
29 |
Y Lu, J Li, Y Zhang. Secure channel free certificate-based searchable encryption withstanding outside and inside keyword guessing attacks. IEEE Transactions on Services Computing, 2019
https://doi.org/10.1109/TSC.2019.2910113
|
30 |
H Li, Y Yang, T H Luan, X Liang, L Zhou, X S Shen. Enabling finegrained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data. IEEE Transactions on Dependable and Secure Computing, 2016, 13(3): 312–325
https://doi.org/10.1109/TDSC.2015.2406704
|
31 |
Y Miao, J Ma, X Liu, F Wei, Z Liu, X A Wang. m2-abks: attribute-based multi-keyword search over encrypted personal health records in multiowner setting. Journal of Medical Systems, 2016, 40(11): 1–12
https://doi.org/10.1007/s10916-016-0617-z
|
32 |
H Cui, R H Deng, J K Liu, Y Li. Attribute-based encryption with expressive and authorized keyword search. In: Proceedings of Australasian Conference on Information Security and Privacy. 2017, 106–126
https://doi.org/10.1007/978-3-319-60055-0_6
|
33 |
J Li, X Lin, Y Zhang, J Han. KSF-OABE: outsourced attribute-based encryption with keyword search function for cloud storage. IEEE Transactions on Services Computing, 2017, 10(5): 715–725
https://doi.org/10.1109/TSC.2016.2542813
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|