Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating  被引量：4

作　　者：Zuobin YING Hui LI Jianfeng MA Junwei ZHANG Jiangtao CUI 

机构地区：[1]School of Computer Science and Technology, Xidian University

出　　处：《Science China(Information Sciences)》2016年第4期183-198,共16页中国科学（信息科学）（英文版）

基　　金：supported by National Natural Science Foundation of China (Grant Nos. 61202179, 61173089, 61472298, 61472310, U1405255, 61502248);National High-Tech R&D Program (863) (Grant No. 2015AA016007);SRF for ROCS, SEM and Fundamental Research Funds for the Central Universities

摘　　要：Attribute-Based Encryption（ABE） is a promising new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. With the help of ABE, the majority of security issues in accessing cloud data can be solved. However, a key limitation remains, namely policy updating.Whenever the access policy is updated, a common approach is to have the data owner retrieve the data and reencrypt it with new policy, before sending the new ciphertext back to the cloud. This straight-forward approach will lead to heavy computation and communication overhead. Although a number of other approaches have been proposed in this regard, they suffer from two limitations; namely, supporting only limited update-policy types or having weak security models. In order to address these limitations, we propose a novel solution to the attribute-based encryption access control system by introducing a dynamic policy-updating technique which we call DPU-CP-ABE. The scheme is proved to be adaptively secure under the standard model and can support any type of policy updating. In addition, our scheme can significantly reduce the computation and communication costs of updating ciphertext.Attribute-Based Encryption（ABE） is a promising new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. With the help of ABE, the majority of security issues in accessing cloud data can be solved. However, a key limitation remains, namely policy updating.Whenever the access policy is updated, a common approach is to have the data owner retrieve the data and reencrypt it with new policy, before sending the new ciphertext back to the cloud. This straight-forward approach will lead to heavy computation and communication overhead. Although a number of other approaches have been proposed in this regard, they suffer from two limitations; namely, supporting only limited update-policy types or having weak security models. In order to address these limitations, we propose a novel solution to the attribute-based encryption access control system by introducing a dynamic policy-updating technique which we call DPU-CP-ABE. The scheme is proved to be adaptively secure under the standard model and can support any type of policy updating. In addition, our scheme can significantly reduce the computation and communication costs of updating ciphertext.

关 键 词：attribute-based encryption ciphertext-policy dynamic policy updating adaptive secure standard model 

分 类 号：TN918.4[电子电信—通信与信息系统]