Attribute-based encryption with expressive and authorized keyword search

Cui, H, Deng, R, Liu, J and Li, Y 2017, 'Attribute-based encryption with expressive and authorized keyword search', in Australasian Conference on Information Security and Privacy 2017, Auckland, New Zealand, 3-5 July 2017, pp. 106-126.


Document type: Conference Paper
Collection: Conference Papers

Title Attribute-based encryption with expressive and authorized keyword search
Author(s) Cui, H
Deng, R
Liu, J
Li, Y
Year 2017
Conference name ACISP 2017
Conference location Auckland, New Zealand
Conference dates 3-5 July 2017
Proceedings title Australasian Conference on Information Security and Privacy 2017
Publisher Springer
Place of publication Germany
Start page 106
End page 126
Total pages 21
Abstract To protect data security and privacy in cloud storage systems, a common solution is to outsource data in encrypted forms so that the data will remain secure and private even if storage systems are compromised. The encrypted data, however, must be pliable to search and access control. In this paper, we introduce a notion of attribute-based encryption with expressive and authorized keyword search (ABE-EAKS) to support both expressive keyword search and fine-grained access control over encrypted data in the cloud. In ABE-EAKS, every data user is associated with a set of attributes and is issued a private attribute-key corresponding to his/her attribute set, and each data owner encrypts the message using attribute-based encryption and attaches the encrypted message with encrypted keywords related with the message, and then uploads the encrypted message and keywords to the cloud. To access encrypted messages containing certain keywords satisfying a search policy, a data user generates a trapdoor for the search policy using his/her private attribute-key and sends it to the cloud server equipped to the cloud. The cloud server searches over encrypted data stored in the cloud for the encrypted messages containing keywords satisfying the search policy and sends back the results to the data user who then decrypts the returned ciphertexts to obtain the underlying messages. We present a generic construction for ABE-EAKS, formally prove its security, give a concrete construction, and then extend the concrete ABE-EAKS scheme to support user revocation. Also, we implement the proposed ABE-EAKS scheme and its extension and study their performance through experiments.
Subjects Data Encryption
Keyword(s) Access control
Attribute-based encryption
Cloud storage
Data security and privacy
Search
DOI - identifier 10.1007/978-3-319-60055-0_6
Copyright notice © Springer International Publishing AG 2017.
ISSN 0302-9743
Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 2 times in Thomson Reuters Web of Science Article | Citations
Scopus Citation Count Cited 0 times in Scopus Article
Altmetric details:
Access Statistics: 22 Abstract Views  -  Detailed Statistics
Created: Wed, 24 Jan 2018, 09:28:00 EST by Catalyst Administrator
© 2014 RMIT Research Repository • Powered by Fez SoftwareContact us