A Key-revocable Attribute-based Encryption for Mobile Cloud Environments

Tsukasa Ishiguro, Shinsaku Kiyomoto, Yutaka Miyake

Abstract

In this paper, we propose a new Attribute-Based Encryption (ABE) scheme applicable to mobile cloud environments. A key issue in mobile cloud environments is how to reduce the computational cost on mobile devices and delegate the remaining computation to cloud environments. We also consider two additional issues: an efficient key revocation mechanism for ABE based on a concept of token-controlled public key encryption, and attribute hiding encryption from a cloud server. To reduce the computational cost on the client side, we propose an efficient ABE scheme jointly with secure computing on the server side. We analyze the security of our ABE scheme and evaluate the transaction time of primitive functions implemented on an Android mobile device and a PC. The transaction time of our encryption algorithm is within 150 msec for 89-bit security and about 600 msec for 128-bit security on the mobile device. Similarly, the transaction time of the decryption algorithm is within 50 msec for 89-bit security and 200 msec for 128-bit security.

References

  1. Amazon (2012). Amazon Web Services. http://aws. amazon.com/.
  2. Aranha, D., López, J., and Hankerson, D. (2010). Highspeed parallel software implementation of the ?T pairing. In Topics in Cryptology - CT-RSA 2010, volume 5985 of Lecture Notes in Computer Science, pages 89-105. Springer.
  3. Baek, J., Safavi-Naini, R., and Susilo, W. (2005). Tokencontrolled public key encryption. In Information Security Practice and Experience, volume 3439 of Lecture Notes in Computer Science, pages 386-397. Springer.
  4. Bellare, M., Pointcheval, D., and Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks. pages 139-155. Springer.
  5. Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-policy attribute-based encryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy, Security and Privacy 2007, pages 321- 334. IEEE Computer Society.
  6. Beuchat, J., Gonzalez-Diaz, J., Mitsunari, S., Okamoto, E., Rodriguez-Henriquez, F., and Teruya, T. (2010). High-speed software implementation of the optimal Ate pairing over Barreto-Naehrig curves. In PairingBased Cryptography - Pairing 2010, volume 6487 of Lecture Notes in Computer Science, pages 21-39. Springer.
  7. Boneh, D. (1998). The decision diffie-hellman problem. pages 48-63. Springer.
  8. Boneh, D. and Franklin, M. (2001). Identity-based encryption from the weil pairing. In Advances in Cryptology - CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 213-229. Springer.
  9. Brauer, A. (1939). On addition chains. In Bull. Amer. Math. Soc., volume 45, pages 736-739.
  10. Canetti, R., Krawczyk, H., and Nielsen, J. (2003). Relaxing chosen-ciphertext security. In Advances in Cryptology - CRYPTO 2003, volume 2729 of Lecture Notes in Computer Science, pages 565-582. Springer.
  11. Cloud Security Alliance (2009). Security guidance for critical areas of focus in cloud computing. http://tinyurl.com//ycrchqj.
  12. European Network and Information Security Agency (2010). Cloud computing risk assessment. http://www.enisa. europa.eu/act/rm/files/ deliverables/cloud-computing-risk-assessment/at down load/fullReport.
  13. Galindo, D. and Herranz, J. (2006). A generic construction for token-controlled public key encryption. In Di Crescenzo, G. and Rubin, A., editors, Financial Cryptography and Data Security, volume 4107 of Lecture Notes in Computer Science, pages 177-190. Springer.
  14. Google (2012). Google App for Buiziness. http:// www.google.com/apps/intl/en/business/index.html.
  15. Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security, CCS 7806, pages 89-98. Algorithms and Computation in Mathematics.
  16. Green, M., Hohenberger, S., and Waters, B. (2011). Outsourcing the decryption of ABE ciphertexts. In Proceedings of the 20th USENIX conference on Security, SEC'11, pages 34-34. USENIX Association.
  17. Hinek, M. J., Jiang, S., Safavi-Naini, R., and Shahandashti, S. F. (2008). Attribute-based encryption with key cloning protection. Cryptology ePrint Archive, Report 2008/478.
  18. Joux, A. (2004). A one round protocol for tripartite diffie?hellman. Journal of Cryptology, 17:263-276.
  19. Lewko, A., Okamoto, T., Sahai, A., Takashima, K., and Waters, B. (2010). Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In Advances in Cryptology - EUROCRYPT 2010, volume 6110 of Lecture Notes in Computer Science, pages 62-91. Springer.
  20. Naehrig, M., Niederhagen, R., and Schwabe, P. (2010). New software speed records for cryptographic pairings. In Progress in Cryptology - LATINCRYPT 2010, volume 6212 of Lecture Notes in Computer Science, pages 109- 123. Springer.
  21. NIST (2009). The nist definition of cloud computing. http://csrc.nist.gov/publications/nistpubs/800-145/ SP800-145.pdf.
  22. Sadeghi, A., Schneider, T., and Winandy, M. (2010). Tokenbased cloud computing. In Trust and Trustworthy Computing, volume 6101 of Lecture Notes in Computer Science, pages 417-429. Springer.
  23. Sahai, A. and Waters, B. (2005). Fuzzy identity-based encryption. In Advances in Cryptology - EUROCRYPT 2005, volume 3494 of Lecture Notes in Computer Science, pages 557-557. Springer.
  24. Scott, M. (2011). On the efficient implementation of pairingbased protocols. Cryptology ePrint Archive, Report 2011/334.
  25. Shirase, M., Takagi, T., and Okamoto, E. (2008). Some efficient algorithms for the final exponentiation of ?T pairing. IEICE Transactions, 91-A(1):221-228.
  26. Waters, B. (2011). Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In Public Key Cryptography - PKC 2011, volume 6571 of Lecture Notes in Computer Science, pages 53-70. Springer.
  27. Zhou, Z. and Huang, D. (2011). Efficient and secure data storage operations for mobile cloud computing. Cryptology ePrint Archive, Report 2011/185.
Download


Paper Citation


in Harvard Style

Ishiguro T., Kiyomoto S. and Miyake Y. (2013). A Key-revocable Attribute-based Encryption for Mobile Cloud Environments . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 51-61. DOI: 10.5220/0004505300510061


in Bibtex Style

@conference{secrypt13,
author={Tsukasa Ishiguro and Shinsaku Kiyomoto and Yutaka Miyake},
title={A Key-revocable Attribute-based Encryption for Mobile Cloud Environments},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={51-61},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004505300510061},
isbn={978-989-8565-73-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - A Key-revocable Attribute-based Encryption for Mobile Cloud Environments
SN - 978-989-8565-73-0
AU - Ishiguro T.
AU - Kiyomoto S.
AU - Miyake Y.
PY - 2013
SP - 51
EP - 61
DO - 10.5220/0004505300510061