ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2015, Vol. 52, Issue (10): 2293-2303. doi: 10.7544/issn1000-1239.2015.20150550

Special Issue: Research Progress in Network Security and Privacy Protection, 2015


Accountable Attribute-Based Encryption Scheme Without Key Escrow

Zhang Xing1, Wen Zilong2, Shen Qingni2, Fang Yuejian2, Wu Zhonghai2,3   

  1. School of Electronics Engineering and Computer Science, Peking University, Beijing 100871; 2. School of Software and Microelectronics, Peking University, Beijing 102600; 3. National Engineering Research Center for Software Engineering, Peking University, Beijing 100871
  • Online: 2015-10-01

Abstract: To ensure the security of sensitive data in cloud storage, people need to store it in encrypted form. Attribute-based encryption (ABE) is widely applied to the fine-grained sharing of encrypted data stored with third parties. However, there are three types of data confidentiality issues in ABE schemes: 1) because a secret key does not contain identity-specific information, a user can share his/her secret key without being identified; 2) the key generation center (KGC) can generate a user's secret key with an arbitrary access structure or attribute set; 3) the KGC can decrypt ciphertext directly using its master key. Because of these three issues, the security of data in an ABE system faces great challenges. In this paper, we propose an accountable key-policy attribute-based encryption scheme without key escrow (WoKE-AKP-ABE). In our construction, there are two authorities: the KGC and an attribute authority (AA). The KGC generates the identity-related part of a user's secret key, and the KGC and AA generate the attribute-related part through cooperation. Our scheme achieves chosen-plaintext security in the selective-set model under the decisional bilinear Diffie-Hellman assumption, and it can resist attacks not only from a dishonest user or authority but also from collusion between a user and a single authority. Our scheme can trace a decoder box in the black-box model.

Key words: cloud storage, data sharing, attribute-based encryption (ABE), accountability, key escrow

