Abstract
Attribute-based encryption [19] is developed based on fuzzy identity encryption. In the identity-giving cryptosystem, the user’s public key can be any information that identifies the users. The original ABE schemes define a Central Authority (CA) for key management, allowing users to verify the ownership of attributes and thereby get access to sensitive resources. However, this CA construction is contradictory to the distributed computing requirement and compromises the users’ privacy. Meanwhile, it does not fit the large-scaled computing environment. Thus, in our paper, we propose a new anonymous, decentralized, unlinkable access and collusion attack that prevented CP-ABE scheme with a pseudonym system by Chaum to improve user privacy and data security.
This research has been partially supported by Application Domain Specific Highly Reliable IT Solutions project which has been implemented with the support provided from the National Research, Development and Innovation Fund of Hungary, financed under the Thematic Excellence Programme TKP2020-NKA-06 (National Challenges Subprogramme) funding scheme).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
J. Bethencourt, A. Sahai, B. Waters, Ciphertext-policy attribute-based encryption, in 2007 IEEE Symposium on Security and Privacy (SP’07) (IEEE, 2007), pp. 321–334
S. Brands, Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy (MIT Press, 2000)
J. Brown, P. Stradling, C.H. Wittenberg, U-prove ctp r2 whitepaper. Technical report (Microsoft Corporation, 2011)
V. Božović, D. Socek, R. Steinwandt, V.I. Villányi, Multi-authority attribute-based encryption with honest-but-curious central authority. Int. J. Comput. Math. 89(3), 268–283 (2009)
J. Camenisch, Specification of the Identity Mixer Cryptographic Library (IBM Research-Zuric, 2010), pp. 1-48
J. Camenisch, Concepts around privacy-preserving attribute-based credentials, in IFIP PrimeLife International Summer School on Privacy and Identity Management for Life (Springer, Berlin, 2013), pp. 53–63
J. Camenisch, A. Lysyanskaya, An efficient system for non-transferable anonymous credentials with optional anonymity revocation, in International Conference on the Theory and Applications of Cryptographic Techniques (Springer, Berlin, 2001), pp. 93–118
J. Camenisch, S. Fischer-Hübner, K. Rannenberg, (eds.), Privacy and Identity Management for Life (Springer Science & Business Media, 2011)
M. Chase, S.S. Chow, Improving privacy and security in multi-authority attribute-based encryption, in Proceedings of the 16th ACM Conference on Computer and Communications Security (2009), pp. 121–130
M. Chase, Multi-authority attribute based encryption, in Theory of Cryptography Conference (Springer, Berlin, 2007), pp. 515–534
D. Chaum, Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)
V. Goyal, O. Pandey, A. Sahai, B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proceedings of the 13th ACM Conference on Computer and Communications Security (2006), pp. 89–98
H. Lin, Z. Cao, X. Liang, J. Shao, Secure threshold multi authority attribute based encryption without a central authority, in International Conference on Cryptology in India (Springer, Berlin, 2008), pp. 426–436
J. Hur, D. Koo, S.O. Hwang, K. Kang, Removing escrow from ciphertext policy attribute-based encryption. Comput. Math. Appl. 65(9), 1310–1317 (2013). ISSN 0898-1221, https://doi.org/10.1016/j.camwa.2012.02.005
D.S. Kasunde, A.A. Manjrekar, Verification of multi-owner shared data with collusion resistant user revocation in cloud, in 2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT) (IEEE, 2016), pp. 182–185
M. Koning, P. Korenhof, G. Alpár, J.H. Hoepman, The ABC of ABC: an analysis of attribute-based credentials in the light of data protection, privacy and identity (2014)
K. Rannenberg, J. Camenisch, A. Sabouri, Attribute-Based Credentials for Trust (Identity in the Information Society, Springer, 2015)
R. Gennaro, S. Jarecki, H. Krawczyk, T. Rabin, Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007)
A. Sahai, B. Waters, Fuzzy identity-based encryption, in Annual International Conference on the Theory and Applications of Cryptographic Techniques (Springer, Berlin, 2005), pp. 457–473
V.K.A. Sandor, Y. Lin, X. Li, F. Lin, S. Zhang, Efficient decentralized multi-authority attribute based encryption for mobile cloud data storage. J. Netw. Comput. Appl. 129, 25–36 (2019)
Y. Yan, M.B. Kamel, P. Ligeti, Attribute-based encryption in cloud computing environment, in 2020 International Conference on Computing, Electronics and Communications Engineering (iCCECE) (IEEE. 2020), pp. 63–68
K. Yang, X. Jia, Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(7), 1735–1744 (2013)
B. Waters, Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization, in International Workshop on Public Key Cryptography (Springer, Berlin, 2011), pp. 53–70
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yan, Y., Ligeti, P. (2022). Improving Security and Privacy in Attribute-Based Encryption with Anonymous Credential. In: Singh, P.K., Singh, Y., Chhabra, J.K., Illés, Z., Verma, C. (eds) Recent Innovations in Computing. Lecture Notes in Electrical Engineering, vol 855. Springer, Singapore. https://doi.org/10.1007/978-981-16-8892-8_58
Download citation
DOI: https://doi.org/10.1007/978-981-16-8892-8_58
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-8891-1
Online ISBN: 978-981-16-8892-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)