Skip to main content
SpringerLink
Log in

Cryptanaylsis to Sowjanya et al.’s ABEs from ECC

  • Conference paper
  • First Online:
2021 International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications

Part of the book series: Smart Innovation, Systems and Technologies ((SIST,volume 314))

Abstract

Attribute-based encryption is a one-to-many, fine-grained access control mechanism, which is suitable for the modern data sharing model in clouds. To reduce the computation overhead, several attribute-based encryption schemes based elliptic curve cryptography have been proposed in the literatures. However, most of these schemes are not secure. In this manuscript, we review on the pairing-free ciphertext-policy attribute-based encryption proposed by Sowjanya et al. in 2021, and give the cryptanalysis on their scheme. More precisely, we demonstrate an attack method to their scheme, which allows a third party, called decryption server in their scheme, to generate private key of any chosen attribute set. Thus, by applying our attack, the decryption server is able to decrypt any ciphertext.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 249.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) Advances in Cryptology—CRYPTO 2001, pp. 213–229. Springer, Berlin, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Boyen, X.: Attribute-based functional encryption on lattices. In: Sahai, A. (ed.) Theory of Cryptography, pp. 122–142. Springer, Berlin, Heidelberg (2013)

    Chapter  Google Scholar 

  3. Challagidad, P.S., Birje, M.N.: Efficient multi-authority access control using attribute-based encryption in cloud storage. Proc. Comput. Sci. 167, 840–849 (2020). https://doi.org/10.1016/j.procs.2020.03.423, https://www.sciencedirect.com/science/article/pii/S1877050920308899, International Conference on Computational Intelligence and Data Science

  4. Cheng, R., Wu, K., Su, Y., Li, W., Cui, W., Tong, J.: An efficient ECC-based CP-ABE scheme for power IoT. Processes 9(7) (2021). https://doi.org/10.3390/pr9071176, https://www.mdpi.com/2227-9717/9/7/1176

  5. Ding, S., Li, C., Li, H.: A novel efficient pairing-free CP-ABE based on elliptic curve cryptography for IoT. IEEE Access 6, 27336–27345 (2018). https://doi.org/10.1109/ACCESS.2018.2836350

    Article  Google Scholar 

  6. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) Advances in Cryptology, pp. 10–18. Springer, Berlin, Heidelberg (1985)

    Chapter  Google Scholar 

  7. Ge, C., Susilo, W., Baek, J., Liu, Z., Xia, J., Fang, L.: Revocable attribute-based encryption with data integrity in clouds. IEEE Trans. Depend. Secure Comput. 1–1 (2021). https://doi.org/10.1109/TDSC.2021.3065999

  8. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 89–98 (2006). https://doi.org/10.1145/1180405.1180418

  9. Herranz, J.: Attribute-based encryption implies identity-based encryption. IET Inf. Secur. 11(6), 332–337 (2017)

    Article  Google Scholar 

  10. Hur, J.: Improving security and efficiency in attribute-based data sharing. IEEE Trans. Knowl. Data Eng. 25(10), 2271–2282 (2013). https://doi.org/10.1109/TKDE.2011.78

    Article  Google Scholar 

  11. Karati, A., Amin, R., Biswas, G.P.: Provably secure threshold-based abe scheme without bilinear map. Arab. J. Sci. Eng. 41, 3201–3213 (2016)

    Article  Google Scholar 

  12. Khandla, D., Shahy, H., Bz, M.K., Pais, A.R., Raj, N.: Expressive CP-ABE scheme satisfying constant-size keys and ciphertexts. Cryptology ePrint Archive, Report 2019/1257 (2019), https://ia.cr/2019/1257

  13. Liu, S., Yu, J., Xiao, Y., Wan, Z., Wang, S., Yan, B.: BC-SABE: Blockchain-aided searchable attribute-based encryption for cloud-Iot. IEEE Internet Things J. 7(9), 7851–7867 (2020). https://doi.org/10.1109/JIOT.2020.2993231

    Article  Google Scholar 

  14. Odelu, V., Das, A.K., Khurram Khan, M., Choo, K.R., Jo, M.: Expressive CP-ABE scheme for mobile devices in IoT satisfying constant-size keys and ciphertexts. IEEE Access 5, 3273–3283 (2017)

    Article  Google Scholar 

  15. Odelu, V., Das, A.K.: Design of a new cp-abe with constant-size secret keys for lightweight devices using elliptic curve cryptography. Secur. Commun. Netw. 9(17), 4048–4059 (2016)

    Google Scholar 

  16. Premkamal, P.K., Pasupuleti, S.K., Alphonse, P.J.A.: Dynamic traceable CP-ABE with revocation for outsourced big data in cloud storage. Int. J. Commun. Syst. 34 (2021)

    Google Scholar 

  17. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Google Scholar 

  18. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) Advances in Cryptology—EUROCRYPT 2005, pp. 457–473. Springer, Berlin, Heidelberg (2005)

    Chapter  Google Scholar 

  19. Sowjanya, K., Dasgupta, M., Ray, S.: A lightweight key management scheme for key-escrow-free ecc-based CP-ABE for IoT healthcare systems. J. Syst. Architect. 117, 102108 (2021)

    Google Scholar 

  20. Sowjanya, K., Dasgupta, M., Ray, S., Obaidat, M.S.: An efficient elliptic curve cryptography-based without pairing KPABE for internet of things. IEEE Syst. J. 14(2), 2154–2163 (2020). https://doi.org/10.1109/JSYST.2019.2944240

    Article  Google Scholar 

  21. Tan, S.Y., Yeow, K.W., Hwang, S.O.: Enhancement of a lightweight attribute-based encryption scheme for the internet of things. IEEE Internet Things J. 6(4), 6384–6395 (2019). https://doi.org/10.1109/JIOT.2019.2900631

    Article  Google Scholar 

  22. Wang, G., Liu, Z., Gu, D.: Ciphertext policy attribute-based encryption for circuits from LWE assumption. In: Zhou, J., Luo, X., Shen, Q., Xu, Z. (eds.) Information and Communications Security, pp. 378–396. Springer International Publishing, Cham (2020)

    Chapter  Google Scholar 

  23. Wang, Y., Chen, B., Li, L., Ma, Q., Li, H., He, D.: Efficient and secure ciphertext-policy attribute-based encryption without pairing for cloud-assisted smart grid. IEEE Access 8, 40704–40713 (2020). https://doi.org/10.1109/ACCESS.2020.2976746

    Article  Google Scholar 

  24. Xu, S., Yuan, J., Xu, G., Li, Y., Liu, X., Zhang, Y., Ying, Z.: Efficient ciphertext-policy attribute-based encryption with blackbox traceability. Inf. Sci. 538 (2020). https://doi.org/10.1016/j.ins.2020.05.115

  25. Yao, X., Chen, Z., Tian, Y.: A lightweight attribute-based encryption scheme for the internet of things. Future Gener. Comput. Syst. 49, 104–112 (2015)

    Google Scholar 

  26. Yu, Y., Guo, L., Liu, S., Zheng, J., Wang, H.: Privacy protection scheme based on cp-abe in crowdsourcing-iot for smart ocean. IEEE Internet Things J. 7(10), 10061–10071 (2020). https://doi.org/10.1109/JIOT.2020.2989476

    Article  Google Scholar 

  27. Zhang, J., Zhang, Z., Ge, A.: Ciphertext policy attribute-based encryption from lattices. In: ASIACCS ’12, Association for Computing Machinery, pp. 16–17. New York, NY, USA (2012). https://doi.org/10.1145/2414456.2414464

  28. Zhang, S., Li, W., Wen, Q., Zhang, H., Jin, Z.: A flexible KP-ABE suit for mobile user realizing decryption outsourcing and attribute revocation. Wireless Pers. Commun. 114(4), 2783–2800 (2020)

    Article  Google Scholar 

  29. Zhang, Y., Deng, R.H., Xu, S., Sun, J., Li, Q., Zheng, D.: Attribute-based encryption for cloud computing access control: a survey. ACM Comput. Surv. 53(4) (2020). https://doi.org/10.1145/3398036

  30. Zhang, Z., Zeng, P., Pan, B., Choo, K.K.R.: Large-universe attribute-based encryption with public traceability for cloud storage. IEEE Internet Things J. 7(10), 10314–10323 (2020). https://doi.org/10.1109/JIOT.2020.2986303

    Article  Google Scholar 

Download references

Acknowledgement

This work was partially supported by the Ministry of Science and Technology of Taiwan under grants MOST 109-2221-E-004-011-MY3, MOST 109-3111-8-004-001-,, MOST 110-2221-E-004-003-, MOST110-2218-E-004-001-MBK.

Author information

Authors and Affiliations

  1. Department of Computer Science, National Chengchi University, Taipei, Taiwan

    Yi-Fan Tseng

Authors
  1. Yi-Fan Tseng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yi-Fan Tseng .

Editor information

Editors and Affiliations

  1. Department of Informatics, University of Piraeus, Piraeus, Greece

    George A. Tsihrintzis

  2. Central Police University, Taoyuan City, Taiwan

    Shiuh-Jeng Wang

  3. National Chung Hsing University, Taichung City, Taiwan

    Iuon-Chang Lin

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tseng, YF. (2023). Cryptanaylsis to Sowjanya et al.’s ABEs from ECC. In: Tsihrintzis, G.A., Wang, SJ., Lin, IC. (eds) 2021 International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications. Smart Innovation, Systems and Technologies, vol 314. Springer, Cham. https://doi.org/10.1007/978-3-031-05491-4_29

Download citation

Publish with us

Policies and ethics

Search

Navigation