TY - GEN
T1 - Toward Trustworthy Delegation
T2 - 11th IEEE International Conference on Cloud Computing, CLOUD 2018
AU - Hahn, Changhee
AU - Kwon, Hyunsoo
AU - Hur, Junbeom
N1 - Funding Information:
ACKNOWLEDGMENT This work was supported as part of Military Crypto Research Center(UD170109ED) funded by Defense Acquisition Program Administration(DAPA) and Agency for Defense Development(ADD).
Publisher Copyright:
© 2018 IEEE.
Copyright:
Copyright 2019 Elsevier B.V., All rights reserved.
PY - 2018/9/7
Y1 - 2018/9/7
N2 - For building a secure cloud storage service on top of a public cloud infrastructure, attribute-based encryption (ABE) has been a preferred solution due to its flexible access control. ABE, however, incurs heavy computation cost on users during decryption. Thus, previous studies solved this problem by enabling cloud servers to perform a part of decryption operations on behalf of the users. In order to empower users to verify the correctness of the delegated decryption by the cloud, they employed a cryptographic commitment or message authentication code (MAC) to enable users to check the correctness of partial decryption of the cloud. However, the previous schemes fail to ensure the correctness of computation in the presence of malicious cloud servers. In this paper, we propose a novel and generic commitment scheme for ABE, which is secure against tampering attacks by malicious cloud servers. According to the performance analysis, the proposed scheme is only 0.5 ms slower on average than the previous commitment-based schemes and two to three times faster than the MAC-based scheme.
AB - For building a secure cloud storage service on top of a public cloud infrastructure, attribute-based encryption (ABE) has been a preferred solution due to its flexible access control. ABE, however, incurs heavy computation cost on users during decryption. Thus, previous studies solved this problem by enabling cloud servers to perform a part of decryption operations on behalf of the users. In order to empower users to verify the correctness of the delegated decryption by the cloud, they employed a cryptographic commitment or message authentication code (MAC) to enable users to check the correctness of partial decryption of the cloud. However, the previous schemes fail to ensure the correctness of computation in the presence of malicious cloud servers. In this paper, we propose a novel and generic commitment scheme for ABE, which is secure against tampering attacks by malicious cloud servers. According to the performance analysis, the proposed scheme is only 0.5 ms slower on average than the previous commitment-based schemes and two to three times faster than the MAC-based scheme.
KW - Attribute-based encryption
KW - Cloud computing
KW - Outsourced decryption
KW - Verifiability
UR - http://www.scopus.com/inward/record.url?scp=85057466074&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85057466074&partnerID=8YFLogxK
U2 - 10.1109/CLOUD.2018.00136
DO - 10.1109/CLOUD.2018.00136
M3 - Conference contribution
AN - SCOPUS:85057466074
T3 - IEEE International Conference on Cloud Computing, CLOUD
SP - 920
EP - 923
BT - Proceedings - 2018 IEEE International Conference on Cloud Computing, CLOUD 2018 - Part of the 2018 IEEE World Congress on Services
PB - IEEE Computer Society
Y2 - 2 July 2018 through 7 July 2018
ER -