White-Box Traceable Ciphertext-Policy Attribute-Based Encryption in Multi-Domain Environment
In a ciphertext-policy attribute-based encryption (CP-ABE) system, the decryption keys are only related to attributes shared by multiple users and do not contain any identity information of their original holders. Hence, if a decryption key is leaked, there is no feasible method to trace the suspici...
Main Authors: | Xixi Yan, Xu He, Jinxia Yu, Yongli Tang |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE 2019-01-01 |
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/8824049/ |
_version_ | 1818666033237458944 |
---|---|
author | Xixi Yan; Xu He; Jinxia Yu; Yongli Tang |
collection | DOAJ |
description | In a ciphertext-policy attribute-based encryption (CP-ABE) system, the decryption keys are only related to attributes shared by multiple users and do not contain any identity information of their original holders. Hence, if a decryption key is leaked, there is no feasible method to trace the suspicious user. The user tracing problem has become an obstacle to the adoption of CP-ABE in practice. To address it, some traceable/accountable CP-ABE schemes have been established. However, the user tracing problem faces new challenges in a multi-domain environment. Multi-domain environments usually have a two-layer structure: domains and intradomain users. When tracing a user, we should first trace the domain where the user is located, and then trace the user within the domain. Unfortunately, the existing traceable CP-ABE schemes only focus on one level of user tracing, and are not suitable for the two-layer structure of multi-domain environments. Therefore, a white-box traceable CP-ABE scheme for the multi-domain environment is proposed in this paper. The proposed scheme achieves so-called two-layer tracing. At the domain level, a short signature technique is used to prevent an attacker from forging the tracing parameter and to realize traceability for domains. Linkable ring signature technology is introduced at the user level to provide a tracing method for users by utilizing the linkability of the signature. The two signature structures are embedded in a user private key to support two-layer white-box tracing of both domains and intradomain users. The proposed scheme supports any monotone access structure and has full security against chosen-plaintext attack in the standard model. Compared with related schemes, the asymptotic communication cost and the asymptotic computation cost of the proposed scheme are relatively low. These advantages make the proposed scheme more practical for solving the user tracing problem in a multi-domain environment. |
first_indexed | 2024-12-17T05:58:05Z |
format | Article |
id | doaj.art-f68f946359e045d3bca2424d2d4cffde |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-12-17T05:58:05Z |
publishDate | 2019-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-f68f946359e045d3bca2424d2d4cffde; 2022-12-21T22:00:57Z; eng; IEEE; IEEE Access; 2169-3536; 2019-01-01; 7; 128298; 128312; 10.1109/ACCESS.2019.2939413; 8824049; White-Box Traceable Ciphertext-Policy Attribute-Based Encryption in Multi-Domain Environment; Xixi Yan; Xu He (https://orcid.org/0000-0003-1994-1655); Jinxia Yu; Yongli Tang; School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, China; https://ieeexplore.ieee.org/document/8824049/; Ciphertext-policy attribute-based encryption; linkable ring signature; multi-domain environment; two-layer tracing; white-box traceability |
title | White-Box Traceable Ciphertext-Policy Attribute-Based Encryption in Multi-Domain Environment |
topic | Ciphertext-policy attribute-based encryption; linkable ring signature; multi-domain environment; two-layer tracing; white-box traceability |
url | https://ieeexplore.ieee.org/document/8824049/ |