The Research On Traceable And Decryption Outsourced Attribute-Based Encryption

Attribute-Based Encryption(ABE)provides a sophisticated mechanism that enables people to share his/her sensitive data through a general and expressive way,and it has attracted much attention from both academic and industrial world.ABE,though,has moved beyond theory to practical reality,there still exists several major issues awaiting to solve.In the context of ABE,since the decryption privilege is shared by multiple users,it is difficult to identify the original key owner when given an exposed key.To address this problem,we need to add the property of traceability to the conventional ABE.On the other hand,the decryption of ABE involves expensive pairing operations,and such largely pairing operations during decryption often grow with the complexity of the access policy.To address this issue,we need to outsource the largely pairing operations involved in decryption to the cloud.To pursue secure ABE with efficient traceability and decryption outsourcing is one of the recent hot topics.In this thesis,we mainly focus on the researches of the traceability property and the decryption outsourcing property of ABE.The main work and contributions of the present thesis are as follows:(1)White-box traceable CP-ABE supporting flexible attributes.There has been significant progress in CP-ABE over the recent years because of two properties called traceability and large universe,greatly enriching the commercial applications of CP-ABE.Traceability is the ability of ABE to trace the malicious users or traitors who intentionally leak the(partial or modified)decryption keys.Nevertheless,due to the nature of CP-ABE,it is difficult to identify the original key owner from an exposed key since the decryption privilege is shared by multiple users who have the same attributes.On the other hand,the property of large universe in ABE enlarges the practical applications by supporting flexible number of attributes.Several systems have been proposed to obtain either of the above properties.However,none of them achieve the two properties simultaneously in practice,which limits the commercial applications of CP-ABE to a certain extent.In this thesis,we propose two practical large universe CP-ABE systems supporting white-box traceability.Compared to existing systems,both the two proposed systems have two advantages: 1)The number of attributes is not polynomially bounded;and,2)Malicious users who leak their decryption keys could be traced.Moreover,another remarkable advantage of the second proposed system is that the storage overhead for traitor tracing is constant,which are suitable for commercial applications.(2)Accountable authority CP-ABE with white-box traceability and public auditing.The key abuse problem is one of the major issues awaiting to be solved when deploying CP-ABE systems in practice.Most of the existing CP-ABE systems missed this critical functionality,hindering the wide utilization and commercial application of CP-ABE systems to date.In this thesis,we address two practical problems about the key abuse of CP-ABE: 1)The key escrow problem of the semi-trusted authority;and,2)The malicious key delegation problem of the users.For the semi-trusted authority,its misbehavior(i.e.,illegal key(re-)distribution)should be caught and prosecuted.And for a user,his/her malicious behavior(i.e.,illegal key sharing)need be traced.We affirmatively solve these two key abuse problems by proposing the first accountable authority CP-ABE with white-box traceability that supports policies expressed in any monotone access structures.Moreover,we provide an auditor to judge publicly whether a suspected user is guilty or is framed by the authority.(3)White-Box traceable CP-ABE with zero storage cost for traitor tracing.CP-ABE provides fine-grained access control for cloud storage service.However,the decryption ability sharing property of CP-ABE leaves the malicious cloud users a chance to leak their access credentials to outsourced data in clouds for profits without the risk of being caught,which severely damages data security.To catch people leaking their access credentials to outsourced data in clouds effectively,we first propose two kinds of non-interactive commitments for traitor tracing.Then we present a fully secure traceable CP-ABE system for cloud storage service from the proposed commitment with zero storage cost for traitor tracing.We also provide extensive experimental results to confirm the feasibility and efficiency of the proposed solution.(4)Auditable ?-times outsourced attribute-based encryption for access control in cloud computing.For current CP-ABE,in addition to the traceability issue,there still exist two main drawbacks awaiting to be solved that limit the wide utilization of CP-ABE to date.One is that the decryption involves expensive pairing operations which often grow with the complexity of the access policy.Another drawback is that one can get the access privilege for unlimited times as long as his/her attribute set satisfies the access policy of a ciphertext.Such unlimited times access control provided by CP-ABE is undesirable for many cloud computing commercial applications(especially in the pay-as-you-use style scenario).To address the above drawbacks,we propose a new notion called auditable ?-times outsourced CP-ABE.In this new notion,expensive pairing operations involved in decryption can be outsourced to the cloud and the correctness of the outsourced results can be audited efficiently.Moreover,it provides ?-times fine-grained access control for encrypted data shared in the cloud.In addition,it is key-leakage resistance.We show a concrete construction in the Key Encapsulation Mechanism(KEM)setting based on Rouselakis and Waters' s prime order CP-ABE,and provide extensive experimental results to confirm the feasibility and efficiency.