Attribute-Based Access Control for Multi-Authority Systems with Constant Size Ciphertext in Cloud Computing

作     者：CHEN Yanli SONG Lingling YANG Geng 

作者机构：College of Computer Nanjing University of Post &Telecommunications Overseas Cooperation & Exchange Offi ce Nanjing University of Post &Telecommunications 

出 版 物：《China Communications》 (中国通信（英文版）)

年 卷 期：2016年第13卷第2期

页      面：146-162页

核心收录：

学科分类：11[军事学] 0810[工学-信息与通信工程] 1105[军事学-军队指挥学] 0808[工学-电气工程] 0809[工学-电子科学与技术（可授工学、理学学位）] 0839[工学-网络空间安全] 08[工学] 110505[军事学-密码学] 110503[军事学-军事通信学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：supported by National Natural Science Foundation of China under Grant No.60873231 Natural Science Foundation of Jiangsu Province under Grant No.BK2009426 Major State Basic Research Development Program of China under Grant No.2011CB302903 Key University Science Research Project of Jiangsu Province under Grant No.11KJA520002 

主　　题：cloud computing attribute-basedencryption access control multi-authority constant ciphertext length attribute revocation 

摘      要：In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption and decryption operations that depend at least linearly on the number of attributes involved in the access policy. We propose an efficient multi-authority CP-ABE scheme in which the authorities need not interact to generate public information during the system initialization phase. Our scheme has constant ciphertext length and a constant number of pairing computations. Our scheme can be proven CPA-secure in random oracle model under the decision q-BDHE assumption. When user s attributes revocation occurs, the scheme transfers most re-encryption work to the cloud service provider, reducing the data owner s computational cost on the premise of security. Finally the analysis and simulation result show that the schemes proposed in this thesis ensure the privacy and secure access of sensitive data stored in the cloud server, and be able to cope with the dynamic changes of users access privileges in large-scale systems. Besides, the multi-authority ABE eliminates the key escrow problem, achieves the length of ciphertext optimization and enhances the effi ciency of the encryption and decryption operations.