Research On Attribute-based Encryption Scheme With Cryptographic Reverse Firewall

Attribute-Based Encryption(ABE)is an advanced type of public key encryption cryptosystem,where the secret key and the ciphertext is associated with an access structure or a set of attributes respectively,hence the user is able to decrypt ciphertext if and only if the set of attributes satisfies the access structure.At present,the ABE primitive has been widely used in encrypted storage searching and sharing.The outbreak of the Snowden incident shows that the provably secure encryption schemes may still turn into insecure due to facing some unpredictable backdoor attacks in realworld deployments,where the attackers design backdoors on the equipment of users which seriously threatens the security of the scheme.To deal with the attack,the concept of Cryptographic Reverse Firewall(CRF)is introduced with an aim of preserving protocol functions and resisting penetration attacks.However,the CRF is currently only deployed in some basic cryptographic schemes and protocols,in which the designs of the CRF for ABE schemes is not much researched.This work aims to present CRF construction for the deployment in ABE,where the proposed solutions not only have a certain theoretical significance but also have practical values.Concretely,the contributions are summarized as follows:(1)this work presents an ABE-based searchable encryption scheme supporting attribute revocation with CRF(ABKS-AR-CRF).The scheme supports user attribute revocation,and the ciphertext and the secret key are of malleable to meet the requirements of deploying CRF,in order to carry out security protection and resistance to penetration.Moreover,the ABKS-AR-CRF scheme is proven to be secure against select keyword attack and achieve keyword privacy.(2)this work presents a Multi-authority ABE scheme with CRF(MA-ABE-CRF).The scheme supports multiple authorizations and a flexible access control policy,while still preserves the functionality of multi-authority ABE and achieves penetration resistance.Moreover,this work proves the chosen-plaintext attack(CPA)security of the MA-ABE-CRF scheme and conduct simulated experiments to illustrate practicality.