Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme

ISCAS OpenIR

	Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme
	Wang, MQ; Zhang, ZF; Chen, C
	2016
发表期刊	CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE
ISSN	1532-0626
卷号	28 期号:4 页码:1237-1245
摘要	As it does not require a central authority or the cooperation among multiple authorities, decentralized attribute-based encryption is an efficient and flexible multi-authority attribute-based encryption system. In most existing multi-authority attribute-based encryption schemes, a global identifier (GID) is introduced to act as the linchpin to resist collusion attacks. Because GID as well as some sensitive attributes used to apply for secret keys will lead to the compromise of user's privacy, some schemes towards solving these privacy issues have been proposed. Nevertheless, only the privacy of GID was considered in prior works. Recently in ESORICS 2014, Han et al. put forward a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme in the standard model to address the additive privacy of attributes. In their work, a privacy-preserving key extract protocol is presented to protect both user's identifier and attributes. In this paper, we point out the security weakness of the scheme of Han et al. We present a collusion attack on their basic decentralized ciphertext-policy attribute-based encryption scheme and additionally show that the privacy protection of attributes in their privacy-preserving key extract protocol cannot be provided. Copyright (c) 2015 John Wiley & Sons, Ltd.; As it does not require a central authority or the cooperation among multiple authorities, decentralized attribute-based encryption is an efficient and flexible multi-authority attribute-based encryption system. In most existing multi-authority attribute-based encryption schemes, a global identifier (GID) is introduced to act as the linchpin to resist collusion attacks. Because GID as well as some sensitive attributes used to apply for secret keys will lead to the compromise of user's privacy, some schemes towards solving these privacy issues have been proposed. Nevertheless, only the privacy of GID was considered in prior works. Recently in ESORICS 2014, Han et al. put forward a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme in the standard model to address the additive privacy of attributes. In their work, a privacy-preserving key extract protocol is presented to protect both user's identifier and attributes. In this paper, we point out the security weakness of the scheme of Han et al. We present a collusion attack on their basic decentralized ciphertext-policy attribute-based encryption scheme and additionally show that the privacy protection of attributes in their privacy-preserving key extract protocol cannot be provided. Copyright (c) 2015 John Wiley & Sons, Ltd.
收录类别	SCI
关键词	Privacy-preserving Decentralized Attribute-based Encryption Security Analysis
部门归属	Chinese Acad Sci, Inst Software, Trusted Comp & Informat Assurance Lab, Beijing, Peoples R China.
语种	英语
WOS记录号	WOS:000370646300020
引用统计	被引频次：21[WOS] [WOS记录] [WOS相关记录]
内容类型	期刊论文
URI标识	http://ir.iscas.ac.cn/handle/311060/17341
专题	中国科学院软件研究所
推荐引用方式 GB/T 7714	Wang, MQ,Zhang, ZF,Chen, C. Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme[J]. CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE,2016,28(4):1237-1245.
APA	Wang, MQ,Zhang, ZF,&Chen, C.(2016).Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme.CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE,28(4),1237-1245.
MLA	Wang, MQ,et al."Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme".CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE 28.4(2016):1237-1245.