Disabling Tracing in Black-Box-Traceable CP-ABE System: Alert Decryption Black Box
Author:
Qiao Huidong1, Ren Jiangchun2, Wang Zhiying2, Hu Ying1
Affiliation:
1. College of Computer and Communication, Hunan Institute of Engineering, Xiangtan 411100, China 2. College of Computer, National University of Defense Technology, Changsha 410073, China
Abstract
In application scenarios such as cloud storage, a symmetric algorithm can be used to encrypt massive data. However, using the symmetric operation and keys in encryption and decryption, it is very difficult to realize an efficient access control system. The asymmetric encryption algorithm ciphertext-policy attribute-based encryption (CP-ABE), as a versatile one-to-many encryption algorithm, is considered an ideal access control tool to solve the user’s distrust of the service provider of cloud storage. However, in a traditional CP-ABE system, the malicious users may deliberately leak their attribute keys to others or build a decryption black box (DB) to provide illegal decryption services for benefits, while no one can determine their identities. To deal with the problems, especially the problem of tracing the DB builder, CP-ABE schemes with black-box traceability have been proposed in the past few years. But in this paper, we point out that for now, the tracing algorithms in all existing schemes actually work on an impractical assumption. That is, whenever a DB receives a decryption request, it always performs the decryption algorithm honestlycorrectly. We argue that if a DB finds the decryption request comes from the tracing algorithm, it may intentionally output incorrect decryption results to counter the tracing. Thus, we present the structural defect of the tracing algorithm applied to all known traceable CP-ABE schemes. We describe the construction of an alert decryption black box (ADB) that is capable of distinguishing a tracing ciphertext from a normal one. We also show how an ADB frustrates the tracing algorithm, and furthermore, malicious users can even apply an ADB to frame innocent users.
Funder
National Natural Science Foundation of China Research Foundation of the Education Bureau of Hunan Province Natural Science Foundation of Hunan Province, China
Subject
Physics and Astronomy (miscellaneous),General Mathematics,Chemistry (miscellaneous),Computer Science (miscellaneous)
Reference23 articles.
1. Fuzzy identity-based encryption;Sahai;Advances in Cryptology—EUROCRYPT 2005,2005 2. Bethencourt, J., Sahai, A., and Waters, B. (2007, January 20–23). Ciphertext-policy attribute-based encryption. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA. 3. Li, J., Ren, K., and Kim, K. (2009). A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control. IACR Cryptol. Eprint Arch., 1–16. 4. Liu, Z., Cao, Z., and Wong, D.S. (2013, January 4–8). Blackbox traceable CP-ABE: How to catch people leaking their keys by selling decryption devices on eBay. Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany. 5. Zhou, J., Cao, Z., Dong, X., and Lin, X. (May, January 26). TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems. Proceedings of the IEEE INFOCOM, Hong Kong, China.
|
|