원문정보
초록
영어
Attribute-Based Encryption (ABE) is a promising cryptographic primitive to implement access control for secure data storage in the cloud. Since the data owner may frequently change the access policies defined in the ciphertext, it is significant to provide the capacity for dynamic policy updating. However the cloud should also authenticate the owner because the adversary may modify the access policies of the files in the cloud to prevent the legal users from accessing them. In this paper, we focus on the owner’s authentication in the ABE systems and propose a novel scheme which enables access control with authenticated dynamic policy updating in the cloud. We adapt the Pedersen commitment and Zero Knowledge Proof of Knowledge (ZKPK) to realize the anonymous authentication of the owner’s policy updating key without increasing any secret information to the owner side. The analysis shows that our scheme is authentic and efficient as well as adaptive to different types of access policies.
목차
1. Introduction
1.1. Related Work
1.2. Organization
2. Preliminaries
2.1. Access Structures
2.2. Pedersen Commitment
2.3. Zero-knowledge Proof of Knowledge (ZKPK) Protocol
3. System and Security Model
3.1. System Model
3.2. Security Model
4. Access Control System with Authenticated Dynamic Policy Updating
4.1. System Initialization
4.2. Key Generation
4.3. Data Encryption
4.4. Data Decryption
4.5. Policy Updating
5. Analysis of Our Scheme
5.1. Security
5.2. Authentication
5.3. Performance Analysis
6. Conclusion
Acknowledgements
References