Cryptology ePrint Archive: Report 2016/668

Analysis of a Secure and Verifiable Policy Update Outsourcing Scheme for Big Data Access Control in the Cloud

Wei Yuan

Abstract: How to flexibly change the access policy after the initial data access policy has been set is a critical problem to promote attribute-based encryption (ABE) from a theoretical tool to a practical tool. Since the first ABE scheme emerges, many schemes have been proposed to solve the problem but the problem remains unsolved yet. The reason is that the overheads of changing an old access policy to a new one are larger than that of generating a ciphertext with the new access policy directly. Recently, in IEEE Transactions on Parallel and Distributed Systems (DOI:10.1109/TPDS.2014.2380373), Yang et al. proposed a multi-authority ciphertext-policy (CP) ABE scheme with ciphertext updating function. The authors declared that the access policy of the ciphertext can be dynamically modified with the old ciphertext and the scheme is correct, complete, secure, and efficient. However, after revisiting this paper, we found that the scheme is not correct under the system model defined by the authors. Some necessary algorithms are missing such that users cannot decrypt the updated ciphertexts. Moreover, if new algorithms are added into the system model to ensure that the scheme is correct, complete, and secure, the scheme will be not as efficient as the authors declared. Consequently, the scheme fails to achieve the claimed results.

Category / Keywords: public-key cryptography /

Date: received 29 Jun 2016, withdrawn 5 Jul 2016

Contact author: yuanwei at iie ac cn

Available format(s): (-- withdrawn --)

Version: 20160706:035241 (All versions of this report)

Short URL: ia.cr/2016/668

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]