PDF | Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in. Request PDF on ResearchGate | Attribute-Based Encryption With Verifiable Outsourced Decryption | Attribute-based encryption (ABE) is a public-key-based. , IRJET | Impact Factor value: | ISO Certified Journal | Page Attribute-Based Encryption with Verifiable Outsourced Decryption.

Author: | Mazutaxe Zulkilkis |

Country: | Belarus |

Language: | English (Spanish) |

Genre: | Relationship |

Published (Last): | 28 August 2004 |

Pages: | 145 |

PDF File Size: | 14.73 Mb |

ePub File Size: | 15.13 Mb |

ISBN: | 839-5-91737-174-8 |

Downloads: | 46891 |

Price: | Free* [*Free Regsitration Required] |

Uploader: | Felrajas |

We suppose that tuple is included in table.

Definition 2 discrete logarithm DL assumption [ 31 ]. Definition 1 bilinear map. The notation denotes that an attribute set satisfies an access structure ; that is to say. It allows users to use flexible access control to access files stored in the cloud server with encrypted form. If the adversary is able to distinguish and at nonnegligible advantage, then we find an algorithm which attacks the scheme [ 33 ] under the selective CPA security model at nonnegligible advantage.

TA selectscomputes andand sends to a user associated with attribute set. We introduce some basic knowledge about bilinear groups, security assumption, access structure, and CP-ABE which our scheme relies on.

Security and Communication Networks. Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in cloud. The identity represented by an attribute set is not unique so ABE can realize the one-to-many encryption. Ifit outputs the atttribute-based ; otherwise, it outputs. Given a ciphertext and a transformation key, CSP transforms a ciphertext into a simple ciphertext.

Figure 5 shows the ciphertext length in our scheme and Lai et al. Without loss of generality, we suppose that an adversary does not launch transformation key query for attribute setif a private key query about the same attribute set has been issued. Abstract Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in cloud. wiith

A user checks whether the transformed outsources or or ; if the equations do not hold, he outputs. The redundant information is mainly used to design a CP-ABE scheme with verifiable outsourcing decryption from [ 33 ], which has been proven to be selectively CPA-secure.

Then our new scheme is selectively CPA-secure. Traditional IBE schemes can only provide coarse-grained access control.

It then sends the private key to the adversary. Therefore, our scheme greatly reduces the communication overhead and is very suitable for bandwidth limited devices. We prove security and verifiability of our scheme in Section 4. An encfyption randomly selects. We give some performance analysis which indicates that our scheme is adaptable for various limited bandwidth and computation-constrained devices, such as mobile phone. View at Google Scholar Z. It then returns the transformation key to the adversary.

A trusted authority TA picks two bilinear groups of prime-order,decryptioj, and. The computational overhead for the outsourcing decryption is constant in above schemes. The retrieving key is.

Furthermore, they [ 19 ] proposed a privacy-preserving personal health record using multiauthority ABE with revocation. outsourcev

Verifiabld order to solve this problem, Lai et al. Tables 1 — 3 show that our scheme is efficient. The advantage for is defined as.

It outputs if associated with satisfies. Lemma 8 shows that the advantage for an adversary in is negligible.

It outputs transformation key associated with and a corresponding retrieving key. We organized the rest of the paper as follows. Theorem 6 is correct from the two lemmas below.

However, the correctness of the transformation ciphertext which the CSP gives to the user cannot vedifiable guaranteed because the latter does not have the original ciphertext. Preliminaries We introduce some basic knowledge about bilinear groups, security assumption, witn structure, and CP-ABE which our scheme relies on. Observe that does not know the actual retrieving key.

The master secret key is. Givenwhere is randomly selected, the DL problem for is to calculate. One of the main defects of current ABE schemes is expensive decryption operation for mobile device with low computing power and limited battery.

In order to solve this problem, Goyal et al. Note ecryption, with overwhelming probability, has multiplicative inverse. However, the ciphertext length and the amount of expensive pairing computations grow with the number of the attributes, which greatly limits its application in power constrained and bandwidth limited devices. Assume that the scheme in [ 33 ] is selectively CPA-secure; and are computationally indistinguishable.

This theorem is proven via the following lemmas. The size of ciphertext and the number of expensive pairing operations are constant, which do not grow with the complexity of the access structure.