Paper 2016/668

Analysis of a Secure and Verifiable Policy Update Outsourcing Scheme for Big Data Access Control in the Cloud

Wei Yuan

Abstract

How to flexibly change the access policy after the initial data access policy has been set is a critical problem to promote attribute-based encryption (ABE) from a theoretical tool to a practical tool. Since the first ABE scheme emerges, many schemes have been proposed to solve the problem but the problem remains unsolved yet. The reason is that the overheads of changing an old access policy to a new one are larger than that of generating a ciphertext with the new access policy directly. Recently, in IEEE Transactions on Parallel and Distributed Systems (DOI:10.1109/TPDS.2014.2380373), Yang et al. proposed a multi-authority ciphertext-policy (CP) ABE scheme with ciphertext updating function. The authors declared that the access policy of the ciphertext can be dynamically modified with the old ciphertext and the scheme is correct, complete, secure, and efficient. However, after revisiting this paper, we found that the scheme is not correct under the system model defined by the authors. Some necessary algorithms are missing such that users cannot decrypt the updated ciphertexts. Moreover, if new algorithms are added into the system model to ensure that the scheme is correct, complete, and secure, the scheme will be not as efficient as the authors declared. Consequently, the scheme fails to achieve the claimed results.

Metadata
Available format(s)
-- withdrawn --
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Contact author(s)
yuanwei @ iie ac cn
History
2016-07-06: withdrawn
2016-07-04: received
See all versions
Short URL
https://ia.cr/2016/668
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.