Document Type : Research Article

Authors

1 Department of Mathematics and Computer Science, Shahed university, Tehran, Iran

2 Department of Computer Engineering, Shahed University, Tehran, Iran

3 Department of Mathematics and Computer Science, Shahed University, Tehran, Iran

Abstract

The advent of cloud computing in the healthcare system makes accuracy and speed increased, costs reduced, and health services widely used. However, system users are always seriously concerned about the security of outsourced data. The ciphertext-policy attribute-based encryption (CP-ABE) is a promising way to ensure the security of and facilitate access control over outsourced data. However, conventional CP-ABE schemes have security flaws such as lack of attribute privacy and resistance to the keywords guessing attacks as well as the disability to multi-keyword searches. To meet such shortcomings, we present a scheme supporting multi-keyword search and fine-grained access control, simultaneously. The proposed scheme is resistant to the offline keywords guessing attack. Privacy-preserving in the access structure is another feature of the proposed scheme. The security analysis indicates that our scheme is selectively secure in the standard model. Finally, the performance evaluation of the proposed scheme shows the efficiency is reasonable despite the added functionalities.

Keywords

[1] Parvaneh Asghari, Amir Masoud Rahmani, and Hamid Haj Seyyed Javadi. Internet of things applications: A systematic review. Computer Networks, 148:241–261, 2019.
[2] Parvaneh Asghari, Amir Masoud Rahmani, and Hamid Haj Seyyed Javadi. A medical monitoring scheme and health-medical service composition model in cloud-based iot platform. Transactions on Emerging Telecommunications Technologies, 30(6):e3637, 2019. (a) Key generation algorithm for different number of attributes (b) Ciphertext generation algorithm for different number of attributes Figure 3. Time cost of two algorithms
[3] Amit Sahai and Brent Waters. Fuzzy identitybased encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 457–473. Springer, 2005.
[4] Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security, pages 89–98. Acm, 2006.
[5] John Bethencourt, Amit Sahai, and Brent Waters. Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and privacy (SP’07), pages 321–334. IEEE, 2007.
[6] Zhiguo Wan, Jun’e Liu, and Robert H Deng. Hasbe: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE transactions on information forensics and security, 7(2):743–754, 2011. [7] Majid Bayat and Mohammad Reza Aref. An attribute-based tripartite key agreement protocol. International Journal of Communication Systems, 28(8):1419–1431, 2015.
[8] Majid Bayat, Hamid Reza Arkian, and Mohammad Reza Aref. A revocable attribute based data sharing scheme resilient to dos attacks in smart grid. Wireless Networks, 21(3):871–881, 2015.
[9] Zhenhua Liu, Shuhong Duan, Peilin Zhou, and Baocang Wang. Traceable-then-revocable ciphertext-policy attribute-based encryption scheme. Future Generation Computer Systems, 2017.
[10] Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Qi Jiang, and Junwei Zhang. Attribute-based keyword search over hierarchical data in cloud computing. IEEE Transactions on Services Computing, pages –, 2017.
[11] Zehong Chen, Fangguo Zhang, Peng Zhang, Joseph K Liu, Jiwu Huang, Hanbang Zhao, and Jian Shen. Verifiable keyword search for secure big data-based mobile healthcare networks with fine-grained authorization control. Future Generation Computer Systems, 87:712–724, 2018.
[12] Saeid Rezaei, M Ali Doostari, and Majid Bayat. A lightweight and efficient data sharing scheme for cloud computing. International Journal of Electronics and Information Engineering, 9(2):115– 131, 2018.
[13] Qian Xu, Chengxiang Tan, Wenye Zhu, Ya Xiao, Zhijie Fan, and Fujia Cheng. Decentralized attribute-based conjunctive keyword search scheme with online/offline encryption and outsource decryption for cloud computing. Future Generation Computer Systems, 97:306–326, 2019.
[14] Kobra Alimohammadi, Majid Bayat, and Hamid HS Javadi. A secure key-aggregate authentication cryptosystem for data sharing in dynamic cloud storage. Multimedia Tools and Applications, 79(3):2855–2872, 2020.
[15] Dawn Xiaoding Song, David Wagner, and Adrian Perrig. Practical techniques for searches on encrypted data. In Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on, pages 44–55. IEEE, 2000.
[16] Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public key encryption with keyword search. In International conference on the theory and applications of cryptographic techniques, pages 506–522. Springer, 2004.
[17] Aniseh Najafi, Hamid Haj Seyyed Javadi, and Majid Bayat. Verifiable ranked search over encrypted data with forward and backward privacy. Future Generation Computer Systems, 101:410– 419, 2019.
[18] Jin Wook Byun, Hyun Suk Rhee, Hyun-A Park, and Dong Hoon Lee. Off-line keyword guessing attacks on recent keyword search schemes over encrypted data. In Workshop on Secure Data Management, pages 75–83. Springer, 2006.
[19] Wei-Chuen Yau, Raphael C-W Phan, Swee-Huay Heng, and Bok-Min Goi. Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. International Journal of Computer Mathematics, 90(12):2581– 2587, 2013.
[20] Joonsang Baek, Reihaneh Safavi-Naini, and Willy Susilo. Public key encryption with keyword search revisited. In International conference on Computational Science and Its Applications, pages 1249–1259. Springer, 2008.
[21] Hyun Sook Rhee, Jong Hwan Park, Willy Susilo, and Dong Hoon Lee. Trapdoor security in a searchable public-key encryption scheme with a designated tester. Journal of Systems and Software, 83(5):763–771, 2010.
[22] Chengyu Hu and Pengtao Liu. An enhanced searchable public key encryption scheme with a designated tester and its extensions. J. Comput, 7(3):716–723, 2012.
[23] Yang Yang and Maode Ma. Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for e-health clouds. IEEE Transactions on Information Forensics and Security, 11(4):746–759, 2016.
[24] Yinbin Miao, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H Deng, Jiguo Li, Hongwei Li, and Jianfeng Ma. Privacy-preserving attribute-based keyword search in shared multi-owner setting. IEEE Transactions on Dependable and Secure Computing, 2019.
[25] Wenhai Sun, Shucheng Yu, Wenjing Lou, Y Thomas Hou, and Hui Li. Protecting your right: Verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. IEEE Transactions on Parallel and Distributed Systems, 27(4):1187–1198, 2014.
[26] Yinbin Miao, Jianfeng Ma, Ximeng Liu, Fushan Wei, Zhiquan Liu, and Xu An Wang. m2-abks: Attribute-based multi-keyword search over encrypted personal health records in multi-owner setting. Journal of medical systems, 40(11):246, 2016.
[27] Yinbin Miao, Jianfeng Ma, Ximeng Liu, Jian Weng, Hongwei Li, and Hui Li. Lightweight finegrained search over encrypted data in fog computing. IEEE Transactions on Services Computing, 2018.
[28] Yinbin Miao, Jianfeng Ma, Ximeng Liu, Xinghua Li, Zhiquan Liu, and Hui Li. Practical attributebased multi-keyword search scheme in mobile crowdsourcing. IEEE Internet of Things Journal, 5(4):3008–3018, 2017.
[29] Takashi Nishide, Kazuki Yoneyama, and Kazuo Ohta. Attribute-based encryption with partially hidden encryptor-specified access structures. In International conference on applied cryptography and network security, pages 111–129. Springer, 2008.
[30] Junzuo Lai, Robert H Deng, and Yingjiu Li. Fully secure cipertext-policy hiding cp-abe. In International conference on information security practice and experience, pages 24–39. Springer, 2011.
[31] Tran Viet Xuan Phuong, Guomin Yang, and Willy Susilo. Hidden ciphertext policy attributebased encryption under standard assumptions. IEEE transactions on information forensics and security, 11(1):35–45, 2015.
[32] Cancan Jin, Xinyu Feng, and Qingni Shen. Fully secure hidden ciphertext policy attribute-based encryption with short ciphertext size. In Proceedings of the 6th International Conference on Communication and Network Security, pages 91–98. ACM, 2016.
[33] Yinghui Zhang, Dong Zheng, and Robert H Deng. Security and privacy in smart health: Efficient policy-hiding attribute-based access control. IEEE Internet of Things Journal, 5(3):2130–2145, 2018.
[34] Fawad Khan, Hui Li, Liangxuan Zhang, and Jian Shen. An expressive hidden access policy cp-abe. In 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pages 178– 186. IEEE, 2017.
[35] Hong Zhong, Wenlong Zhu, Yan Xu, and Jie Cui. Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Computing, 22(1):243–251, 2018.
[36] Hu Xiong, Hao Zhang, and Jianfei Sun. Attributebased privacy-preserving data sharing for dynamic groups in cloud computing. IEEE Systems Journal, 2018.
[37] Sana Belguith, Nesrine Kaaniche, Maryline Laurent, Abderrazak Jemai, and Rabah Attia. Phoabe: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted iot. Computer Networks, 133:141– 156, 2018.
[38] Leyou Zhang, Yilei Cui, and Yi Mu. Improving security and privacy attribute based data sharing in cloud computing. IEEE Systems Journal, pages –, 2019.
[39] Hassan Nasiraee and Maede Ashouri-Talouki. Anonymous decentralized attribute-based access control for cloud-assisted iot. Future Generation Computer Systems, 2020.
[40] Qingji Zheng, Shouhuai Xu, and Giuseppe Ateniese. Vabks: verifiable attribute-based keyword search over outsourced encrypted data. In IEEE INFOCOM 2014-IEEE Conference on Computer Communications, pages 522–530. IEEE, 2014.
[41] Payal Chaudhari and Manik Lal Das. A 2 bse: Anonymous attribute based searchable encryption. In 2017 ISEA Asia Security and Privacy (ISEASP), pages 1–10. IEEE, 2017.
[42] Yinbin Miao, Jianfeng Ma, Ximeng Liu, Zhiquan Liu, Limin Shen, and Fushan Wei. Vmkdo: Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner. Peer-to-Peer Networking and Applications, 11(2):287–297, 2018.
[43] Shuo Qiu, Jiqiang Liu, Yanfeng Shi, and Rui Zhang. Hidden policy ciphertext-policy attributebased encryption with keyword search against keyword guessing attack. Science China Information Sciences, 60(5):052105, 2017. [44] Payal Chaudhari and Manik Lal Das. Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption. IEEE Transactions on Services Computing, 2020.
[45] Yang Chen, Wenmin Li, Fei Gao, Kaitai Liang, Hua Zhang, and Qiaoyan Wen. Practical attribute-based conjunctive keyword search scheme. The Computer Journal, 2019.
[46] Laicheng Cao, Yifan Kang, Qirui Wu, Rong Wu, Xian Guo, and Tao Feng. Searchable encryption cloud storage with dynamic data update to support efficient policy hiding. China Communications, 17(6):153–163, 2020.
[47] Haijiang Wang, Xiaolei Dong, and Zhenfu Cao. Multi-value-independent ciphertext-policy attribute based encryption with fast keyword search. IEEE Transactions on Services Computing, 2017.
[48] Lixue Sun and Chunxiang Xu. Hidden policy ciphertext-policy attribute based encryption with conjunctive keyword search. In 2017 3rd IEEE International Conference on Computer and Communications (ICCC), pages 1439–1443. IEEE, 2017.
[49] Jonathan Katz, Amit Sahai, and Brent Waters. Predicate encryption supporting disjunctions, polynomial equations, and inner products. In annual international conference on the theory and applications of cryptographic techniques, pages 146–162. Springer, 2008.
[50] Adi Shamir. Identity-based cryptosystems and signature schemes. In Workshop on the theory and application of cryptographic techniques, pages 47–53. Springer, 1984.
[51] Mukti Padhya and Devesh Jinwala. A novel approach for searchable cp-abe with hidden ciphertext-policy. In International Conference on Information Systems Security, pages 167–184. Springer, 2014.