Attribute-Based Encryption With Verifiable Outsourced Decryption
Top Cited Papers
- 3 July 2013
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Information Forensics and Security
- Vol. 8 (8), 1343-1354
- https://doi.org/10.1109/tifs.2013.2271848
Abstract
Attribute-based encryption (ABE) is a public-key-based one-to-many encryption that allows users to encrypt and decrypt data based on user attributes. A promising application of ABE is flexible access control of encrypted data stored in the cloud, using access polices and ascribed attributes associated with private keys and ciphertexts. One of the main efficiency drawbacks of the existing ABE schemes is that decryption involves expensive pairing operations and the number of such operations grows with the complexity of the access policy. Recently, Green et al. proposed an ABE system with outsourced decryption that largely eliminates the decryption overhead for users. In such a system, a user provides an untrusted server, say a cloud service provider, with a transformation key that allows the cloud to translate any ABE ciphertext satisfied by that user's attributes or access policy into a simple ciphertext, and it only incurs a small computational overhead for the user to recover the plaintext from the transformed ciphertext. Security of an ABE system with outsourced decryption ensures that an adversary (including a malicious cloud) will not be able to learn anything about the encrypted message; however, it does not guarantee the correctness of the transformation done by the cloud. In this paper, we consider a new requirement of ABE with outsourced decryption: verifiability. Informally, verifiability guarantees that a user can efficiently check if the transformation is done correctly. We give the formal model of ABE with verifiable outsourced decryption and propose a concrete scheme. We prove that our new scheme is both secure and verifiable, without relying on random oracles. Finally, we show an implementation of our scheme and result of performance measurements, which indicates a significant reduction on computing resources imposed on users.Keywords
This publication has 24 references indexed in Scilit:
- Fully Secure Unbounded Inner-Product and Attribute-Based EncryptionLecture Notes in Computer Science, 2012
- Attribute-based encryption schemes with constant-size ciphertextsTheoretical Computer Science, 2011
- On cryptographic protocols employing asymmetric pairings — The role of revisitedDiscrete Applied Mathematics, 2011
- Implementing Gentry’s Fully-Homomorphic Encryption SchemeLecture Notes in Computer Science, 2011
- Pairings for cryptographersDiscrete Applied Mathematics, 2008
- Batch Pairing DelegationPublished by Springer Science and Business Media LLC ,2007
- On computable isomorphisms in efficient asymmetric pairing-based systemsDiscrete Applied Mathematics, 2006
- An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption ProblemLecture Notes in Computer Science, 2004
- Relaxing Chosen-Ciphertext SecurityLecture Notes in Computer Science, 2003
- Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption CaseLecture Notes in Computer Science, 2002