Dynamic Policy Attribute Based Encryption and its Application in Generic Construction of Multi-Keyword Search

Mamta (National Institute of Technology, Kurukshetra, India), Brij B. Gupta (National Institute of Technology, Kurukshetra, India) and Syed Taqi Ali (Visvesvaraya National Institute of Technology Nagpur, Nagpur, India)
Copyright: © 2019 | Pages: 23
DOI: 10.4018/IJESMA.2019100102

Abstract

Attribute-based encryption (ABE) is an encryption technique that provides a good solution to the security issues in the cloud environment. Through ABE, a data owner can achieve fine-grained sharing of data encrypted under attributes or an access policy which they possess. The relation among these attributes is represented by the access policy, which is expressed as an access tree. In this article, the authors first present an ABE scheme which supports frequent changes in the access tree and is hence named a dynamic policy ABE. The proposed scheme also generates secret keys of constant size, which can save bandwidth. The proposed scheme is based on a key-policy design and supports a monotonic access structure that consists of AND, OR and Threshold gates. Inspired by the proposed dynamic policy ABE scheme, the authors then present a multi-keyword search scheme which inherits all the features of the proposed ABE scheme. Therefore, it provides a constant-size trapdoor and support for fast search. The construction of the multi-keyword search scheme is generic in nature, and any ABE scheme can be converted to a multi-keyword search scheme using the transformation method given in the paper. Finally, the proposed schemes are proven to be secure under the Decisional Bilinear Diffie-Hellman (DBDH) assumption.

1. Introduction

Cloud computing is one of the most popular technologies of recent times. Its popularity can be estimated from the fact that even general users are using cloud-based services like SkyDrive, Google Drive, etc. As the number of users increases, the amount of data stored on cloud servers is also increasing rapidly, and with this continuously growing amount of data it becomes difficult for a user to find a particular file. This is where searching comes into play. Searching plain data is not a challenging task, but it is not secure, and owing to the confidential nature of the data it is not recommended at all. Hence, to protect the confidentiality of data, searching should be performed on encrypted data, and to cater to this requirement the concept of searchable encryption (SE) was introduced. With the help of SE techniques, one can perform search in the ciphertext domain, where the owner of the data stores his data along with some keywords in an encrypted form at a third-party cloud server (Gupta et al., 2016; Tewari et al., 2017). Whenever a user wants to retrieve some data stored at the cloud server, he generates a search query (trapdoor). Using this trapdoor, the cloud server searches for a document which contains some specific keyword and gains no information about the underlying plaintext.

To develop searchable encryption schemes, there are two cryptographic primitives that one can use. The first is symmetric key encryption, and the corresponding searchable encryption is known as symmetric searchable encryption (SSE). There are several SSE schemes available in the literature (Song et al., 2000; Goh et al., 2003; Agrawal et al., 2004; Curtmola et al., 2011). The inherent benefit of using an SSE scheme is that it results in fast encryption and search, but on the downside these techniques are not useful in a multi-user scenario because they suffer from the complicated process of key sharing. So, keeping in mind the multi-user scenario, the second cryptographic primitive, known as asymmetric/public key encryption, was first used by Boneh et al. (2004). Boneh et al. proposed the first searchable encryption scheme in the public key setting, known as public key encryption with keyword search (PEKS). But if we look at the true multi-user scenario, this was again not sufficient, because PEKS can efficiently handle multiple data owners but supports only a single data user. To share the data with multiple users, the data owner must encrypt the same data with the public key of each user. This results in redundancy and is not scalable at all, because the data owner has to keep as many copies of the same data as the number of users with whom he wants to share his data. To cater to this need, a new public key primitive called attribute-based encryption (ABE) was used, which supports the true multi-user scenario, where multiple owners can share their data with multiple users. In this paper, the authors have used ABE to construct the searchable encryption scheme.
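
The store/trapdoor/search flow and the key-sharing limitation of SSE described above, as an added sketch that is not the authors' ABE-based construction: a simplified keyed-hash index in which the server matches trapdoors against per-document tags without seeing keywords. The function names, `OWNER_KEY` and the sample documents are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def _prf(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 used as the keyed pseudorandom function."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def trapdoor(key: bytes, keyword: str) -> bytes:
    """User side: search token for one keyword; needs the owner's secret key."""
    return _prf(key, keyword.lower().encode())


def build_index(key: bytes, docs: dict[str, set[str]]) -> dict[str, set[bytes]]:
    """Owner side: per-document tags. The same keyword gives different tags in
    different documents, so the stored index alone does not link them."""
    return {
        doc_id: {_prf(trapdoor(key, w), doc_id.encode()) for w in words}
        for doc_id, words in docs.items()
    }


def search(index: dict[str, set[bytes]], trapdoors: list[bytes]) -> list[str]:
    """Server side: documents matching ALL trapdoors (multi-keyword AND).
    The server handles only tokens and tags, never keywords or the key."""
    if not trapdoors:
        return []
    return sorted(
        doc_id for doc_id, tags in index.items()
        if all(_prf(t, doc_id.encode()) in tags for t in trapdoors)
    )


# Constructed sample data.
OWNER_KEY = secrets.token_bytes(32)
DOCS = {
    "doc1": {"invoice", "2019", "cloud"},
    "doc2": {"invoice", "payroll"},
    "doc3": {"cloud", "backup"},
}
INDEX = build_index(OWNER_KEY, DOCS)

if __name__ == "__main__":
    print(search(INDEX, [trapdoor(OWNER_KEY, "invoice")]))
    print(search(INDEX, [trapdoor(OWNER_KEY, "invoice"), trapdoor(OWNER_KEY, "cloud")]))
    # A user who was never given OWNER_KEY cannot form a valid trapdoor.
    print(search(INDEX, [trapdoor(secrets.token_bytes(32), "invoice")]))
```

Every user who should be able to search must hold `OWNER_KEY`, which is the key-sharing problem the text attributes to SSE in a multi-user setting.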
