Attribute-based encryption (ABE) offers a promising solution for flexible access control over sensitive personal health records in a mobile healthcare system on top of a public cloud infrastructure. However, ABE cannot be simply applied to lightweight devices due to its substantial computation cost during decryption. This problem could be alleviated by delegating significant parts of the decryption operations to computationally powerful parties, such as cloud servers, but the correctness of the delegated computation would be at stake. Thus, previous works enabled users to validate the partial decryption by employing a cryptographic commitment or message authentication code (MAC). This paper demonstrates that the previous commitment or MAC-based schemes cannot support verifiability in the presence of potentially malevolent cloud servers. We propose two concrete attacks on previous commitment or MAC-based schemes. We propose an effective countermeasure scheme for securing resource-limited mobile healthcare systems and provide a rigorous security proof in the standard model, demonstrating that the proposed scheme is secure against our attacks. The experimental analysis shows that the proposed scheme provides the similar performance compared with the previous commitment-based schemes and outperforms the MAC-based scheme.
Bibliographical noteFunding Information:
Manuscript received July 30, 2018; revised September 18, 2018; accepted October 19, 2018. Date of publication October 26, 2018; date of current version July 31, 2019. This work was supported in part by the Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea Government (MSIT) (No. 2018-0-00269, A research on safe and convenient big data processing methods), in part by the National Research Foundation of Korea (NRF) grant funded by the Korea Government (MSIP) (No. 2016R1A2A2A05005402), and in part by the Military Crypto Research Center (UD170109ED) funded by the Defense Acquisition Program Administration (DAPA) and Agency for Defense Development (ADD). This work is the extended version of . (Corresponding author: Junbeom Hur.) The authors are with the Department of Computer Science and Engineering, Korea University, Seoul 02841, South Korea (e-mail: firstname.lastname@example.org). Digital Object Identifier 10.1109/JIOT.2018.2878216
© 2014 IEEE.
- Attribute-based encryption (ABE)
- cloud computing
- cyber-physical systems
- mobile healthcare
ASJC Scopus subject areas
- Signal Processing
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications