Paper 2014/612

Attribute-Based Encryption Optimized for Cloud Computing

Máté Horváth

Abstract

In this work, we aim to make attribute-based encryption (ABE) more suitable for access control to data stored in the cloud. For this purpose, we concentrate on giving the encryptor full control over the access rights, providing feasible key management even in the case of multiple independent authorities, and enabling viable user revocation, which is essential in practice. Our main result is an extension of the decentralized CP-ABE scheme of Lewko and Waters with identity-based user revocation. Our revocation system is made feasible by removing the computational burden of a revocation event from the cloud service provider, at the expense of some permanent, yet acceptable overhead of the encryption and decryption algorithms run by the users. Thus, the computation overhead is distributed over a potentially large number of users, instead of putting it on a single party (e.g., a proxy server), which would easily lead to a performance bottleneck. Besides describing our scheme, we also give a formal proof of its security in the generic bilinear group and random oracle models.

Note:
- corrected typos
- extended details of a possible approach to the cloud storage scenario
- remarks on some possible modifications (for achieving different features)
- updated future work and related works

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Major revision. G.F. Italiano et al. (Eds.): SOFSEM 2015, LNCS 8939, pp. 566–577, 2015.
Keywords
attribute-based encryption, revocation, multi-authority, cloud storage
Contact author(s)
er mate @ gmail com
History
2015-01-05: revised
2014-08-13: received
Short URL
https://ia.cr/2014/612
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/612,
      author = {Máté Horváth},
      title = {Attribute-Based Encryption Optimized for Cloud Computing},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/612},
      year = {2014},
      url = {https://eprint.iacr.org/2014/612}
}