Online/offline public-index predicate encryption for fine-grained mobile access control

Weiran Liu; Jianwei Liu; Qianhong Wu; Bo Qin; Kaitai Liang

doi:10.1007/978-3-319-45741-3_30

Online/offline public-index predicate encryption for fine-grained mobile access control

Weiran Liu
, Jianwei Liu
, Qianhong Wu
, Bo Qin^*
, Kaitai Liang

^*Corresponding author for this work

School of Cyber Science and Technology

Beihang University
Xidian University
State Key Laboratory of Cryptology
CAS - Institute of Information Engineering
Renmin University of China
Aalto University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

Public-Index Predicate Encryption (PIPE) allows users to encrypt according to boolean predicates defined on arbitrary attributes. The expensive algebraic operations are the major efficiency obstacle for PIPE to be applied to mobile clouds. This paper proposes a general Online/Offline PIPE (OO-PIPE) framework to address this issue. First, we propose a generic transformation from a Large Universe PIPE (LUPIPE) secure against chosen plaintext attack (CPA) to OO-PIPE in the same security model. The challenge is to generate ciphertext without the knowledge of the associated ciphertext attributes in the offline phase. We address the challenge by identifying an interesting attribute-malleability property in many LU-PIPE schemes. The property allows an encryptor to efficiently malleate a ciphertext associated with one ciphertext attribute to any assigned ciphertext attribute. Second, we design a generic transformation from CPA-secure LU-PIPE to OO-PIPE secure against adaptively chosen ciphertext attack (CCA2), assuming the underlying LUPIPE has attribute-malleability and public-verifiability properties. The main obstacle here is that the online/offline mechanism endogenously implies forgery in the sense that a pre-computed ciphertext must be able to be efficiently malleated to the resulting ciphertext associated with a different ciphertext attribute and a plaintext, while any efficient valid ciphertext forgery is forbidden in CCA2 security. We circumvent this obstacle by employing a universally collision resistant Chameleon hash, namely, only the original encryptor can malleate the ciphertext to associate with different attributes and provide a hash collision of the ciphertext components.

Original language	English
Title of host publication	Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
Editors	Sokratis Katsikas, Catherine Meadows, Ioannis Askoxylakis, Sotiris Ioannidis
Publisher	Springer Verlag
Pages	588-605
Number of pages	18
ISBN (Print)	9783319457406
DOIs	https://doi.org/10.1007/978-3-319-45741-3_30
State	Published - 2016
Event	21st European Symposium on Research in Computer Security, ESORICS 2016 - Heraklion, Greece Duration: 26 Sep 2016 → 30 Sep 2016

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9879 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st European Symposium on Research in Computer Security, ESORICS 2016
Country/Territory	Greece
City	Heraklion
Period	26/09/16 → 30/09/16

Access to Document

10.1007/978-3-319-45741-3_30

Cite this

Liu, W., Liu, J., Wu, Q., Qin, B., & Liang, K. (2016). Online/offline public-index predicate encryption for fine-grained mobile access control. In S. Katsikas, C. Meadows, I. Askoxylakis, & S. Ioannidis (Eds.), Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings (pp. 588-605). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9879 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-45741-3_30

Liu, Weiran ; Liu, Jianwei ; Wu, Qianhong et al. / Online/offline public-index predicate encryption for fine-grained mobile access control. Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. editor / Sokratis Katsikas ; Catherine Meadows ; Ioannis Askoxylakis ; Sotiris Ioannidis. Springer Verlag, 2016. pp. 588-605 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{2db4ec97ffee422ba6d39535f5fc00ed,

title = "Online/offline public-index predicate encryption for fine-grained mobile access control",

abstract = "Public-Index Predicate Encryption (PIPE) allows users to encrypt according to boolean predicates defined on arbitrary attributes. The expensive algebraic operations are the major efficiency obstacle for PIPE to be applied to mobile clouds. This paper proposes a general Online/Offline PIPE (OO-PIPE) framework to address this issue. First, we propose a generic transformation from a Large Universe PIPE (LUPIPE) secure against chosen plaintext attack (CPA) to OO-PIPE in the same security model. The challenge is to generate ciphertext without the knowledge of the associated ciphertext attributes in the offline phase. We address the challenge by identifying an interesting attribute-malleability property in many LU-PIPE schemes. The property allows an encryptor to efficiently malleate a ciphertext associated with one ciphertext attribute to any assigned ciphertext attribute. Second, we design a generic transformation from CPA-secure LU-PIPE to OO-PIPE secure against adaptively chosen ciphertext attack (CCA2), assuming the underlying LUPIPE has attribute-malleability and public-verifiability properties. The main obstacle here is that the online/offline mechanism endogenously implies forgery in the sense that a pre-computed ciphertext must be able to be efficiently malleated to the resulting ciphertext associated with a different ciphertext attribute and a plaintext, while any efficient valid ciphertext forgery is forbidden in CCA2 security. We circumvent this obstacle by employing a universally collision resistant Chameleon hash, namely, only the original encryptor can malleate the ciphertext to associate with different attributes and provide a hash collision of the ciphertext components.",

author = "Weiran Liu and Jianwei Liu and Qianhong Wu and Bo Qin and Kaitai Liang",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2016.; 21st European Symposium on Research in Computer Security, ESORICS 2016 ; Conference date: 26-09-2016 Through 30-09-2016",

year = "2016",

doi = "10.1007/978-3-319-45741-3\_30",

language = "英语",

isbn = "9783319457406",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "588--605",

editor = "Sokratis Katsikas and Catherine Meadows and Ioannis Askoxylakis and Sotiris Ioannidis",

booktitle = "Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings",

address = "德国",

}

Liu, W, Liu, J , Wu, Q, Qin, B & Liang, K 2016, Online/offline public-index predicate encryption for fine-grained mobile access control. in S Katsikas, C Meadows, I Askoxylakis & S Ioannidis (eds), Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9879 LNCS, Springer Verlag, pp. 588-605, 21st European Symposium on Research in Computer Security, ESORICS 2016, Heraklion, Greece, 26/09/16. https://doi.org/10.1007/978-3-319-45741-3_30

Online/offline public-index predicate encryption for fine-grained mobile access control. / Liu, Weiran; Liu, Jianwei ; Wu, Qianhong et al.
Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. ed. / Sokratis Katsikas; Catherine Meadows; Ioannis Askoxylakis; Sotiris Ioannidis. Springer Verlag, 2016. p. 588-605 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9879 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Online/offline public-index predicate encryption for fine-grained mobile access control

AU - Liu, Weiran

AU - Liu, Jianwei

AU - Wu, Qianhong

AU - Qin, Bo

AU - Liang, Kaitai

N1 - Publisher Copyright: © Springer International Publishing Switzerland 2016.

PY - 2016

Y1 - 2016

N2 - Public-Index Predicate Encryption (PIPE) allows users to encrypt according to boolean predicates defined on arbitrary attributes. The expensive algebraic operations are the major efficiency obstacle for PIPE to be applied to mobile clouds. This paper proposes a general Online/Offline PIPE (OO-PIPE) framework to address this issue. First, we propose a generic transformation from a Large Universe PIPE (LUPIPE) secure against chosen plaintext attack (CPA) to OO-PIPE in the same security model. The challenge is to generate ciphertext without the knowledge of the associated ciphertext attributes in the offline phase. We address the challenge by identifying an interesting attribute-malleability property in many LU-PIPE schemes. The property allows an encryptor to efficiently malleate a ciphertext associated with one ciphertext attribute to any assigned ciphertext attribute. Second, we design a generic transformation from CPA-secure LU-PIPE to OO-PIPE secure against adaptively chosen ciphertext attack (CCA2), assuming the underlying LUPIPE has attribute-malleability and public-verifiability properties. The main obstacle here is that the online/offline mechanism endogenously implies forgery in the sense that a pre-computed ciphertext must be able to be efficiently malleated to the resulting ciphertext associated with a different ciphertext attribute and a plaintext, while any efficient valid ciphertext forgery is forbidden in CCA2 security. We circumvent this obstacle by employing a universally collision resistant Chameleon hash, namely, only the original encryptor can malleate the ciphertext to associate with different attributes and provide a hash collision of the ciphertext components.

AB - Public-Index Predicate Encryption (PIPE) allows users to encrypt according to boolean predicates defined on arbitrary attributes. The expensive algebraic operations are the major efficiency obstacle for PIPE to be applied to mobile clouds. This paper proposes a general Online/Offline PIPE (OO-PIPE) framework to address this issue. First, we propose a generic transformation from a Large Universe PIPE (LUPIPE) secure against chosen plaintext attack (CPA) to OO-PIPE in the same security model. The challenge is to generate ciphertext without the knowledge of the associated ciphertext attributes in the offline phase. We address the challenge by identifying an interesting attribute-malleability property in many LU-PIPE schemes. The property allows an encryptor to efficiently malleate a ciphertext associated with one ciphertext attribute to any assigned ciphertext attribute. Second, we design a generic transformation from CPA-secure LU-PIPE to OO-PIPE secure against adaptively chosen ciphertext attack (CCA2), assuming the underlying LUPIPE has attribute-malleability and public-verifiability properties. The main obstacle here is that the online/offline mechanism endogenously implies forgery in the sense that a pre-computed ciphertext must be able to be efficiently malleated to the resulting ciphertext associated with a different ciphertext attribute and a plaintext, while any efficient valid ciphertext forgery is forbidden in CCA2 security. We circumvent this obstacle by employing a universally collision resistant Chameleon hash, namely, only the original encryptor can malleate the ciphertext to associate with different attributes and provide a hash collision of the ciphertext components.

UR - https://www.scopus.com/pages/publications/84990857073

U2 - 10.1007/978-3-319-45741-3_30

DO - 10.1007/978-3-319-45741-3_30

M3 - 会议稿件

AN - SCOPUS:84990857073

SN - 9783319457406

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 588

EP - 605

BT - Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings

A2 - Katsikas, Sokratis

A2 - Meadows, Catherine

A2 - Askoxylakis, Ioannis

A2 - Ioannidis, Sotiris

PB - Springer Verlag

T2 - 21st European Symposium on Research in Computer Security, ESORICS 2016

Y2 - 26 September 2016 through 30 September 2016

ER -

Liu W, Liu J , Wu Q, Qin B, Liang K. Online/offline public-index predicate encryption for fine-grained mobile access control. In Katsikas S, Meadows C, Askoxylakis I, Ioannidis S, editors, Computer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings. Springer Verlag. 2016. p. 588-605. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-45741-3_30

Online/offline public-index predicate encryption for fine-grained mobile access control

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this