Research On Decentralized Attribute Based Encryption For Mobile Cloud Computing

With the development of cloud computing and the popularization of smart mobile devices,more and more people outsource their data to cloud for storing.But the cloud service providers are untrusted,and the data owner can not control the cloud data any more,raising new challenges on security and privacy inevitably.Therefore,we need light cryptographic algorithms to encrypt the data.Among the existing research,multi-authority attribute-based encryption(ABE)scheme is regarded as one of the most promising technologies.However,the most existing ABE schemes cannot be directly used for the mobile devices due to the following shortages:First,the multiple authority ABE(MA-ABE)scheme involves a lot of complicated calculation,the computation cost of encryption and decryption are go liner with the number of attributes.The cost are expensive,especially for those resource constrained mobile devices.Second,some MA-ABE scheme needs a trust central authority(CA)in the system,which is responsible for key generation,even can decrypt the ciphertext,its permission is too large.Third,for a practical ABE scheme,an efficient revocation mechanism is required.What's more,in contemporary MA-ABE schemes,a user's secret keys from different authorities must be tied to his global identifier(GID)to resist the collusion attack.However,this will compromise the user's privacy.Aiming at the aforementioned problems,we deeply study on the design of MA-ABE scheme for mobile cloud computing.Our main contributions are as follows:(1)We presented a key-policy decentralized ABE scheme based on the scheme of Longo et al.We adopt the offline/online technique combining with the verifiable outsourced computation technique to reduce the computation of encryption and decryption.As a result,the most computation of encryption can be done offline,and the majority if computation workload in decryption can be outsourced to the decrypt servers.With respect to the efficient attribute revocation,we utilize proxy re-encryption technique to update the ciphertext,such that the unrevoked user still can access the data.Finally,we proved the scheme is secure under the decisional Bilinear Diffie-Hellman assumption.(2)We also presented a novel ciphertext-policy decentralized ABE scheme under the qparallel Bilinear Diffie-Hellman Exponent assumption,based on the same ideas above.In this scheme,multiple authorities can work independently without coordination among them or any CA.In order to resist the collusion attack from the users,the global identifier(GID)is used to tie all the user's secret keys issued from different authority.Similarly,this scheme also supports offline/online encryption,verifiable outsourced decryption and attribute revocation.In addition,this paper proposed an anonymous key issuing protocol to achieve privacy preserving,and prove the security of this protocol.Finally,we proof the scheme is choose plaintext attack(CPA)security.(3)We simulated the above two schemes.The experimental result shows that these schemes significantly reduce the computation time for both data encryption and data decryption.Furthermore,these schemes can achieve efficient attribute revocation,which are good for the storage and sharing of mobile cloud data.