• No Comments

PDF | Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in. Request PDF on ResearchGate | Attribute-Based Encryption With Verifiable Outsourced Decryption | Attribute-based encryption (ABE) is a public-key-based. , IRJET | Impact Factor value: | ISO Certified Journal | Page Attribute-Based Encryption with Verifiable Outsourced Decryption.

Author: Mikar Gorr
Country: Russian Federation
Language: English (Spanish)
Genre: Environment
Published (Last): 26 November 2018
Pages: 281
PDF File Size: 13.25 Mb
ePub File Size: 7.71 Mb
ISBN: 453-3-59759-444-5
Downloads: 29185
Price: Free* [*Free Regsitration Required]
Uploader: Mazur

The redundant information is mainly used to design a CP-ABE scheme with verifiable outsourcing decryption from [ 33 ], which has been proven to be selectively CPA-secure. Recently, Li et al. According to the game in [ 31 ], it is described as follows.

Security and Communication Networks

Preliminaries We introduce some basic knowledge about bilinear groups, security assumption, access structure, and CP-ABE which our scheme relies on. This algorithm takes,and for as input. What is more, the ciphertext length in our scheme does not grow with the number of attributes, which reduces the communication cost greatly.

If such a tuple exists, it runs and returns to ; otherwise, it returns. Therefore, our scheme greatly reduces the communication overhead and is very suitable for bandwidth limited devices. In their scheme, a user uses proxy reencryption method [ 1314 ] to generate a transformation key and sends the transformation key and ABE ciphertext to the CSP. Moreover, the CSP can perform encrypted keyword search without knowing anything about the keywords embedded in trapdoor.

Given the transformation key, the CSP transforms an ABE ciphertext into a simple ciphertext, from which the user recovers plaintext by using less computation overhead.

Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length

Indexed in Science Citation Index Expanded. This algorithm takes the security parameter and attribute universe as input. Thus, we come to a conclusion that the advantage for an adversary in is negligible. Security in our scheme is reduced to that of scheme in [ 33 ] and verifiability is reduced to DL assumption.


The proposed scheme has the potential application in various lower power devices with limited computational power, such as mobile phone. This is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. In withh article, we present attribite-based novel verifiable outsourced CP-ABE scheme with constant ciphertext length to save the communication cost.

However, the correctness of attribute-baed transformation ciphertext which the CSP gives to the user cannot be guaranteed because the latter does not have the original ciphertext.

Note that, in our scheme, a ciphertext consists of three parts: We also implement the scheme [ 31 ] for comparison. As knowsit can answer the queries properly.

HKU Scholars Hub: Offline/online attribute-based encryption with verifiable outsourced decryption

The challenger runs and and stores the entry in table. It returns to and keeps secret. Abstract Outsourced decryption ABE system largely reduces the computation cost for users who intend to access the encrypted files stored in cloud.

Suppose is a attribute-base in. The identity represented by an attribute set is not unique so ABE can realize the one-to-many encryption.

In Section 5we give some performance comparison with the existing schemes. So we can conclude that if can attack our scheme at nonnegligible advantage, then we will find an algorithm which attacks Basic CP-ABE scheme under the selective CPA security model at nonnegligible advantage.


The computational overhead for the outsourcing decryption is constant in above schemes. Security Assumption Definition 2 discrete logarithm DL wncryption [ 31 ]. If there exist and such thatthe user with attribute set is able to decrypt ciphertext related towhere, and.

This algorithm takes, and as input. Table 1 illustrates that the size of private key, ciphertext, and transform key in our scheme is constant.

It outputs private key related to. The challenger performs setup algorithm to get the public parameter and master secret key.

Otherwise, the challenger generates the tuple as the reply for transformation key query. Figure 2 compares the times of decryption algorithm spent in our scheme and Lai et al.

Access structure is being referred to in [ 33 ]; we utilize AND gates with respect to multivalued attributes as follows.

Definition 1 bilinear map.

Ifit outputs the message ; otherwise, it outputs. In this process, the CSP does not get any information about original plaintext. A trusted authority TA picks two bilinear groups of prime-order, and.

Otherwise, he computes and.

The security of our scheme reduces to that of scheme in [ 33 ]. Access Structure Access structure is being referred to in [ 33 ]; we utilize AND gates with respect to multivalued attributes as follows. Our Motivations and Contributions. To improve efficiency, Green et al.