Professional Documents
Culture Documents
An Efficient File Hierarchy Attribute Based Encryption Using Optimized Tate Pairing Construction in Cloud Environment
An Efficient File Hierarchy Attribute Based Encryption Using Optimized Tate Pairing Construction in Cloud Environment
An Efficient File Hierarchy Attribute Based Encryption Using Optimized Tate Pairing Construction in Cloud Environment
To cite this article: Balaji Chandrasekaran, Yasuyuki Nogami & Ramadoss Balakrishnan (2019):
An Efficient File Hierarchy Attribute Based Encryption Using Optimized Tate Pairing Construction in
Cloud Environment, Journal of Applied Security Research, DOI: 10.1080/19361610.2019.1649534
Article views: 1
ABSTRACT KEYWORDS
One of the most preferred encryption techniques for data Attribute based encryption
sharing in cloud environment is Ciphertext-Policy Attribute (ABE); cloud computing; file
Based Encryption (CP-ABE). An efficient File Hierarchy CP-ABE hierarchy; optimization
(FH-CP-ABE) scheme using an integrated access structure was
proposed by Wang and colleagues. Their working construction
was based on symmetric pairing. In this article, we propose an
efficient Asymmetric File Hierarchy Ciphertext-Policy Attribute
Based Encryption (AFH-CP-ABE) which is based on an asym-
metric pairing construction using denominator elimination
and twist mapping. We apply this optimized Tate pairing in
the proposed AFH-CP-ABE to find out its computational costs
for encryption and decryption using gmp 6.0.0 library and
then compared with existing schemes.
Introduction
Many organizations have shifted from building their own monolithic data
centers to outsourcing it to cloud storages offered by third party cloud ser-
vice providers. A few reasons for this shift include convenience, flexibility,
high scalability, cost reduction, and so forth. Besides these advantages, the
major concern is the security of data stored in third party cloud service
providers. For example, one of the promising application of cloud comput-
ing is online social networks in which users can share photos and videos
among more than a billion users. However, the cloud service provider can
gain full access to the data of the users and may compromise the data for
commercial benefits without his concern. Thus, how to efficiently provide
access control and confidentiality for the data stored in the cloud is one of
the biggest challenge in cloud environment.
To protect data from getting leaked, one has to encrypt the data before
storing it in the cloud storage. Some access policies are to be implemented
to prevent the data from unauthorized access. A Hierarchical Attribute-Set-
Based Encryption (HASBE) is proposed by Wan, Liu, & Deng (2012) for
cloud environment. HASBE scheme utilizes user’s hierarchical access struc-
ture and supports efficient user revocation. They also proved HASBE secur-
ity based on Ciphertext-Policy Attribute Based Encryption (CP-ABE;
Bethencourt, Sahai, & Waters, 2007). To mitigate the window of vulnerabil-
ity, the attributes validity period are maintained small. This characteristic
allows multiple value assignments to expiration time attribute. This allows
efficient key updating and data re-encryption.
A hierarchical attribute-based encryption scheme is proposed by Zou
(2013). This scheme has a constant size cipher text and a linear order pri-
vate key size. This scheme also has an association between secret key and
attribute set. Deng and colleagues (2014) proposed an elaborated version of
Attribute based Encryption (ABE) called ciphertext-policy hierarchical ABE
(CP-HABE). Here, the attributes are organized in the form of matrix. The
users who have access to top level attributes are able to pass on their access
rights to the bottom level users. These characteristics enable hierarchically
organized large groups to efficiently share data using CP-ABE.
Access tree, AND gate and linear secret sharing scheme are the three
kinds of access structures used in existing CP-ABE. AND gate access struc-
ture was first used by Cheung and Newport (2007) to achieve CP-ABE.
Improved schemes (Nishide, Yoneyama, & Ohta, 2008; Guo, Mu, Susilo,
Wong, & Varadharajan, 2014) are also proposed later. Some CP-ABE
schemes based on access tree (Bethencourt et al., 2007; Xie, Ma, Li, &
Chen, 2013) that support AND, OR and threshold access structures based
on linear secret sharing scheme (Waters, 2011) where (Bethencourt et al.,
2007; Waters, 2011) are the major schemes of access tree and linear secret
sharing scheme. But none of these schemes could solve the problem of
multiple hierarchical files sharing.
File Hierarchy CP-ABE (FH-CP-ABE; Wang et al., 2016) scheme pro-
posed integrated access structure to solve the problem of multiple hierarch-
ical files sharing in cloud environment. They use symmetric pairing for
FH-CP-ABE construction. Unfortunately, some optimization cannot be
done in symmetric pairing. The proposed work focuses on optimized asym-
metric pairing construction to boost the effectiveness of the scheme.
Our contributions
The proposed Asymmetric File Hierarchy Ciphertext-Policy Attribute Based
Encryption (AFH-CP-ABE) is based on an asymmetric pairing
JOURNAL OF APPLIED SECURITY RESEARCH 3
Likewise,
lC;P ðQÞð2yC ; 0Þ ¼ ðxC xp ÞðYyC ÞðyC yp ÞðXxC Þ; 2ðxC xp ÞY (2)
Proposed AFH-CP-ABE
The proposed asymmetric based AFH-CP-ABE uses optimized Tate pairing
algorithm. The bilinear map e : G1 G2 ! GT ; G1 ; G2 and GT be the
bilinear group of prime order p: Let g1 and g2 be the generators of the
Q
group G1 and G2 respectively. The Lagrange coefficient Dk;S ¼ l2S;l6¼k ðx
lÞ=ðk lÞ; k 2 Zp and an attribute set S ¼ S1 ; S2 ; . . . ; Sm 2 Zp : Let H1:
f0; 1g ; H2: f0; 1g and H3 : f0; 1g be the hash functions of the group
G1 ; G2 ; and GT respectively. An attribute universe set is defined as A ¼
fa1 ; a2 ; . . . ; an g: The detailed steps are as follows:
Setupð1k Þ: This algorithm is executed by the authority and it takes as
input a security parameter k and chooses g; K 2randomly Zp : It produces
public key (PK) and master secret key (MSK) as the output which is
JOURNAL OF APPLIED SECURITY RESEARCH 5
8i ¼ 1; 2; . . . ; k and 8j ¼ 1; 2; . . .
DecryptðPK; CT; SK Þ : A user decrypts the ciphertext CT with the help of
PK and SK:
Thus the decryption step can be detailed as follows:
2016). Assume the data owner shares three files M ¼ fm1 ; m2 ; m3 g with
three access levels. To make sure that, all components of ciphertext are cal-
cultaed in decryption algorithm, we used AND gate to design
access structures.
Figures 1 and 2 represent the experimental results. Figure 1 illustrates
total computation cost of the proposed work and existing schemes for
encryption and decryption based on the number of attributes. Figure 2
illustrates the total computation cost of the proposed work and existing
schemes for encryption and decryption based on the number of files. For
this simulation, we used number of attributes N ¼ f10; 20; 30; 40; 50g and
number of files k ¼ f2; 4; 6; 8g
As illustrated in Figure 1, the proposed scheme reduces the computa-
tional cost for encryption and decryption. It also shows that the results are
steadily increasing and almost directly proportional with N: As we shown
in Figure 1, when k ¼ 2 and N is varied, the execution time of encryption
and decryption of the proposed AFH-CP-ABE scheme is reduced. For
example in Figure 1, the encryption costs of proposed scheme and Wang
and colleagues (2016) are 3.569 s and 4.32 s respectively when N ¼ 30:
Similarly, the values are 4.68 s and 5.7 s when N ¼ 40: The difference
jumps from 1.487ss to 5.573 s when N is varied from 10 to 50.
As shown in Figure 2, when N is fixed and k is varied, execution time of
encryption and decryption to be reduced in the proposed AFH-CP-ABE
8 B. CHANDRASEKARAN ET AL.
Conclusion
In this article, an efficient AFH-CP-ABE scheme based on an optimized
asymmetric Tate pairing construction is proposed. The pairing cost of opti-
mized Tate pairing is optimized using denominator elimination and twist
mapping. The proposed AFH-CP-ABE scheme is then compared with exist-
ing schemes. The experimental results show a significant mitigation in
terms of computational costs for encryption and decryption.
Funding
This work was supported by the Ministry of Human Resource Development (MHRD)
under the Government of India.
Disclosure statement
The authors declare no conflict of interest.
References
Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based
encryption. Paper presented at the 2007 IEEE symposium on security and privacy (SP’07)
(pp. 321–334). Berkeley, CA: IEEE.
Cheung, L., & Newport, C. (2007, October). Provably secure ciphertext policy ABE. Paper
presented at the Proceedings of the 14th ACM conference on Computer and communi-
cations security (pp. 456–465). New York, NY: ACM.
Deng, H., Wu, Q., Qin, B., Domingo-Ferrer, J., Zhang, L., Liu, J., & Shi, W. (2014).
Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts.
Information Sciences, 275, 370–384. doi:10.1016/j.ins.2014.01.035
Guo, F., Mu, Y., Susilo, W., Wong, D. S., & Varadharajan, V. (2014). CP-ABE with con-
stant-size keys for lightweight devices. IEEE Transactions on Information Forensics and
Security, 9(5), 763–771.
Kumano, A., & Nogami, Y. (2015, December). An improvement of tate paring with super-
singular curve. Paper presented at the 2015 2nd International Conference on Information
Science and Security (ICISS) (pp. 1–3). Seoul, South Korea: IEEE.
Nishide, T., Yoneyama, K., & Ohta, K. (2008, June). Attribute-based encryption with par-
tially hidden encryptor-specified access structures. Paper presented at the International
JOURNAL OF APPLIED SECURITY RESEARCH 9