Attribute-Based Data Sharing Scheme Revisited in Cloud Computing

Shulan Wang, Kaitai Liang, Joseph K. Liu, Jianyong Chen, Jianping Yu, Weixin Xie
2016 IEEE Transactions on Information Forensics and Security  
Ciphertext-policy attribute-based encryption (CP-ABE) is a promising encryption technology for secure data sharing in cloud computing, in which data owner can fully control access structure associated with a ciphertext. However, it brings a major drawback which is known as key escrow problem, since the decryption users' secret keys are issued by an unconditionally trusted third party (i.e. key authority). In addition, there is another problem that most of CP-ABE schemes cannot express
more » ... state attributes. In this paper, we revisited attributebased data sharing scheme in order to solve the key escrow issue and improve the ability of attribute expression in cloud computing. An improved two-party key issuing protocol ensures that neither key authority nor cloud service provider can generate the whole secret keys of users individually. Moreover, the function of weighted attribute is provided to enhance the attribute expression, which can not only extend attributes from binary state to arbitrary states, but also reduce the complexity of access policy associated with a ciphertext. Therefore, both ciphertext storage and time cost in encryption are saved. The performance analysis and security proof show that the proposed scheme is efficient to securely achieve data sharing in cloud computing.
doi:10.1109/tifs.2016.2549004 fatcat:i3323k7efzdylhb4u6y4xqdtsu