Improving Security and Privacy in Attribute-Based Encryption with Anonymous Credential

Yan, Yuping; Ligeti, Péter

doi:10.1007/978-981-16-8892-8_58

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 855))

768 Accesses
1 Citations

Abstract

Attribute-based encryption [19] is developed based on fuzzy identity encryption. In the identity-giving cryptosystem, the user’s public key can be any information that identifies the users. The original ABE schemes define a Central Authority (CA) for key management, allowing users to verify the ownership of attributes and thereby get access to sensitive resources. However, this CA construction is contradictory to the distributed computing requirement and compromises the users’ privacy. Meanwhile, it does not fit the large-scaled computing environment. Thus, in our paper, we propose a new anonymous, decentralized, unlinkable access and collusion attack that prevented CP-ABE scheme with a pseudonym system by Chaum to improve user privacy and data security.

This research has been partially supported by Application Domain Specific Highly Reliable IT Solutions project which has been implemented with the support provided from the National Research, Development and Innovation Fund of Hungary, financed under the Thematic Excellence Programme TKP2020-NKA-06 (National Challenges Subprogramme) funding scheme).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 189.00; Price excludes VAT (USA)

Softcover Book: USD 249.99; Price excludes VAT (USA)

Hardcover Book: USD 249.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

J. Bethencourt, A. Sahai, B. Waters, Ciphertext-policy attribute-based encryption, in 2007 IEEE Symposium on Security and Privacy (SP’07) (IEEE, 2007), pp. 321–334
Google Scholar
S. Brands, Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy (MIT Press, 2000)
Google Scholar
J. Brown, P. Stradling, C.H. Wittenberg, U-prove ctp r2 whitepaper. Technical report (Microsoft Corporation, 2011)
Google Scholar
V. Božović, D. Socek, R. Steinwandt, V.I. Villányi, Multi-authority attribute-based encryption with honest-but-curious central authority. Int. J. Comput. Math. 89(3), 268–283 (2009)
Article MathSciNet Google Scholar
J. Camenisch, Specification of the Identity Mixer Cryptographic Library (IBM Research-Zuric, 2010), pp. 1-48
Google Scholar
J. Camenisch, Concepts around privacy-preserving attribute-based credentials, in IFIP PrimeLife International Summer School on Privacy and Identity Management for Life (Springer, Berlin, 2013), pp. 53–63
Google Scholar
J. Camenisch, A. Lysyanskaya, An efficient system for non-transferable anonymous credentials with optional anonymity revocation, in International Conference on the Theory and Applications of Cryptographic Techniques (Springer, Berlin, 2001), pp. 93–118
Google Scholar
J. Camenisch, S. Fischer-Hübner, K. Rannenberg, (eds.), Privacy and Identity Management for Life (Springer Science & Business Media, 2011)
Google Scholar
M. Chase, S.S. Chow, Improving privacy and security in multi-authority attribute-based encryption, in Proceedings of the 16th ACM Conference on Computer and Communications Security (2009), pp. 121–130
Google Scholar
M. Chase, Multi-authority attribute based encryption, in Theory of Cryptography Conference (Springer, Berlin, 2007), pp. 515–534
Google Scholar
D. Chaum, Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)
Article Google Scholar
V. Goyal, O. Pandey, A. Sahai, B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proceedings of the 13th ACM Conference on Computer and Communications Security (2006), pp. 89–98
Google Scholar
H. Lin, Z. Cao, X. Liang, J. Shao, Secure threshold multi authority attribute based encryption without a central authority, in International Conference on Cryptology in India (Springer, Berlin, 2008), pp. 426–436
Google Scholar
J. Hur, D. Koo, S.O. Hwang, K. Kang, Removing escrow from ciphertext policy attribute-based encryption. Comput. Math. Appl. 65(9), 1310–1317 (2013). ISSN 0898-1221, https://doi.org/10.1016/j.camwa.2012.02.005
D.S. Kasunde, A.A. Manjrekar, Verification of multi-owner shared data with collusion resistant user revocation in cloud, in 2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT) (IEEE, 2016), pp. 182–185
Google Scholar
M. Koning, P. Korenhof, G. Alpár, J.H. Hoepman, The ABC of ABC: an analysis of attribute-based credentials in the light of data protection, privacy and identity (2014)
Google Scholar
K. Rannenberg, J. Camenisch, A. Sabouri, Attribute-Based Credentials for Trust (Identity in the Information Society, Springer, 2015)
Book Google Scholar
R. Gennaro, S. Jarecki, H. Krawczyk, T. Rabin, Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007)
Article MathSciNet Google Scholar
A. Sahai, B. Waters, Fuzzy identity-based encryption, in Annual International Conference on the Theory and Applications of Cryptographic Techniques (Springer, Berlin, 2005), pp. 457–473
Google Scholar
V.K.A. Sandor, Y. Lin, X. Li, F. Lin, S. Zhang, Efficient decentralized multi-authority attribute based encryption for mobile cloud data storage. J. Netw. Comput. Appl. 129, 25–36 (2019)
Article Google Scholar
Y. Yan, M.B. Kamel, P. Ligeti, Attribute-based encryption in cloud computing environment, in 2020 International Conference on Computing, Electronics and Communications Engineering (iCCECE) (IEEE. 2020), pp. 63–68
Google Scholar
K. Yang, X. Jia, Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(7), 1735–1744 (2013)
Article Google Scholar
B. Waters, Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization, in International Workshop on Public Key Cryptography (Springer, Berlin, 2011), pp. 53–70
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computeralgebra, Eötvös Loránd University, Budapest, Hungary
Yuping Yan & Péter Ligeti

Authors

Yuping Yan
View author publications
You can also search for this author in PubMed Google Scholar
Péter Ligeti
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yuping Yan .

Editor information

Editors and Affiliations

KIET Group of Institutions, Ghaziabad, India
Pradeep Kumar Singh
Department of CSE, Central University of Jammu, Jammu and Kashmir, India
Yashwant Singh
Department of Computer Engineering, NIT Kurukshetra, Kurukshetra, India
Jitender Kumar Chhabra
Faculty of Informatics, Eötvös Loránd University (ELTE), Budapest, Hungary
Zoltán Illés
Faculty of Informatics, Eötvös Loránd University (ELTE), Budapest, Hungary
Chaman Verma

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Yan, Y., Ligeti, P. (2022). Improving Security and Privacy in Attribute-Based Encryption with Anonymous Credential. In: Singh, P.K., Singh, Y., Chhabra, J.K., Illés, Z., Verma, C. (eds) Recent Innovations in Computing. Lecture Notes in Electrical Engineering, vol 855. Springer, Singapore. https://doi.org/10.1007/978-981-16-8892-8_58

Download citation

DOI: https://doi.org/10.1007/978-981-16-8892-8_58
Published: 16 April 2022
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-8891-1
Online ISBN: 978-981-16-8892-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)

Publish with us

Policies and ethics

Improving Security and Privacy in Attribute-Based Encryption with Anonymous Credential