Showing total 2 results

1. Revocable and Traceable Undeniable Attribute-Based Encryption in Cloud-Enabled E-Health Systems.

Author

He, Zhongxiang, Chen, Yuling, Luo, Yun, Zhang, Lingyun, and Tang, Yingying

Subjects

*ACCESS control, *CLOUD storage, *CLOUD computing, *ELECTRONIC systems, *REVOCATION

Abstract

The emerging cloud storage technology has significantly improved efficiency and productivity in the traditional electronic healthcare field. However, it has also brought about many security concerns. Ciphertext policy attribute-based encryption (CP-ABE) holds immense potential in achieving fine-grained access control, providing robust security for electronic healthcare data in the cloud. However, current CP-ABE schemes still face issues such as inflexible attribute revocation, relatively lower computational capabilities, and key management. To address these issues, this paper introduces a revocable and traceable undeniable ciphertext policy attribute-based encryption scheme (MA-RUABE). MA-RUABE not only enables fast and accurate data traceability, effectively preventing malicious user key leakage, but also includes a direct revocation feature, significantly enhancing computational efficiency. Furthermore, the introduction of a multi-permission mechanism resolves the issue of centralization of power caused by single-attribute permissions. Furthermore, a security analysis demonstrates that our system ensures resilience against chosen plaintext attacks. Experimental results demonstrate that MA-RUABE incurs lower computational overhead, effectively enhancing system performance and ensuring data-sharing security in cloud-based electronic healthcare systems. [ABSTRACT FROM AUTHOR]

Published

2024

2. Disabling Tracing in Black-Box-Traceable CP-ABE System: Alert Decryption Black Box.

Author

Qiao, Huidong, Ren, Jiangchun, Wang, Zhiying, and Hu, Ying

Subjects

*CLOUD storage, *ACCESS control, *CLOUD computing, *ALGORITHMS

Abstract

In application scenarios such as cloud storage, a symmetric algorithm can be used to encrypt massive data. However, using the symmetric operation and keys in encryption and decryption, it is very difficult to realize an efficient access control system. The asymmetric encryption algorithm ciphertext-policy attribute-based encryption (CP-ABE), as a versatile one-to-many encryption algorithm, is considered an ideal access control tool to solve the user's distrust of the service provider of cloud storage. However, in a traditional CP-ABE system, the malicious users may deliberately leak their attribute keys to others or build a decryption black box (DB) to provide illegal decryption services for benefits, while no one can determine their identities. To deal with the problems, especially the problem of tracing the DB builder, CP-ABE schemes with black-box traceability have been proposed in the past few years. But in this paper, we point out that for now, the tracing algorithms in all existing schemes actually work on an impractical assumption. That is, whenever a DB receives a decryption request, it always performs the decryption algorithm honestlycorrectly. We argue that if a DB finds the decryption request comes from the tracing algorithm, it may intentionally output incorrect decryption results to counter the tracing. Thus, we present the structural defect of the tracing algorithm applied to all known traceable CP-ABE schemes. We describe the construction of an alert decryption black box (ADB) that is capable of distinguishing a tracing ciphertext from a normal one. We also show how an ADB frustrates the tracing algorithm, and furthermore, malicious users can even apply an ADB to frame innocent users. [ABSTRACT FROM AUTHOR]

Published

2024