Online/offline public-index predicate encryption for fine-grained mobile access control

Weiran Liu, Jianwei Liu, Qianhong Wu, Bo Qin, Kaitai Liang

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)

Abstract

Public-Index Predicate Encryption (PIPE) allows users to encrypt according to boolean predicates defined on arbitrary attributes. The expensive algebraic operations are the major efficiency obstacle for PIPE to be applied to mobile clouds. This paper proposes a general Online/Offline PIPE (OO-PIPE) framework to address this issue. First, we propose a generic transformation from a Large Universe PIPE (LUPIPE) secure against chosen plaintext attack (CPA) to OO-PIPE in the same security model. The challenge is to generate ciphertext without the knowledge of the associated ciphertext attributes in the offline phase. We address the challenge by identifying an interesting attribute-malleability property in many LU-PIPE schemes. The property allows an encryptor to efficiently malleate a ciphertext associated with one ciphertext attribute to any assigned ciphertext attribute. Second, we design a generic transformation from CPA-secure LU-PIPE to OO-PIPE secure against adaptively chosen ciphertext attack (CCA2), assuming the underlying LUPIPE has attribute-malleability and public-verifiability properties. The main obstacle here is that the online/offline mechanism endogenously implies forgery in the sense that a pre-computed ciphertext must be able to be efficiently malleated to the resulting ciphertext associated with a different ciphertext attribute and a plaintext, while any efficient valid ciphertext forgery is forbidden in CCA2 security. We circumvent this obstacle by employing a universally collision resistant Chameleon hash, namely, only the original encryptor can malleate the ciphertext to associate with different attributes and provide a hash collision of the ciphertext components.

Original languageEnglish
Title of host publicationComputer Security - 21st European Symposium on Research in Computer Security, ESORICS 2016, Proceedings
EditorsSokratis Katsikas, Catherine Meadows, Ioannis Askoxylakis, Sotiris Ioannidis
PublisherSpringer Verlag
Pages588-605
Number of pages18
ISBN (Print)9783319457406
DOIs
Publication statusPublished - 1 Jan 2016
Externally publishedYes
Event21st European Symposium on Research in Computer Security, ESORICS 2016 - Heraklion, Greece
Duration: 26 Sep 201630 Sep 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9879 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference21st European Symposium on Research in Computer Security, ESORICS 2016
CountryGreece
CityHeraklion
Period26/09/1630/09/16

Fingerprint Dive into the research topics of 'Online/offline public-index predicate encryption for fine-grained mobile access control'. Together they form a unique fingerprint.

Cite this