A Unified Scheme of Hierarchical Attribute-Based Encryption

Syeda Husna Mehanoor, Syeda Ayesha Thainiath

Abstract: Cloud computing; as an emerging computing paradigm; enables users to remotely store their data into a cloud so as to enjoy scalable services on-demand. Especially for small and medium-sized enterprises with limited budgets; they can achieve cost savings and productivity enhancements by using cloud-based services to manage projects; to make collaborations; and the like. However; allowing cloud service providers (CSPs) ; which are not in the same trusted domains as enterprise users; to take care of confidential data; may raise potential security and privacy issues. To keep the sensitive user data confidential against untrusted CSPs; a natural way is to apply cryptographic approaches; by disclosing decryption keys only to authorized users. However; when enterprise users outsource confidential data for sharing on cloud servers; the adopted encryption system should not only support fine-grained access control; but also provide high performance; full delegation; and scalability; so as to best serve the needs of accessing data anytime and anywhere; delegating within enterprises; and achieving a dynamic set of users. In this paper; we propose a scheme to help enterprises to efficiently share confidential data on cloud servers. We achieve this goal by first combining the hierarchical identity-based encryption (HIBE) system and the ciphertext-policy attribute-based encryption (CP-ABE) system; and then making a performance-expressivity tradeoff; finally applying proxy re-encryption and lazy re-encryption to our scheme.

Keywords: Cloud Service Provider CSP, Hierarchical identity-based encryption HIBE, Ciphertext-policy attribute- based encryption