Paper 2016/668
Analysis of a Secure and Verifiable Policy Update Outsourcing Scheme for Big Data Access Control in the Cloud
Wei Yuan
Abstract
How to flexibly change the access policy after the initial data access policy has been set is a critical problem to promote attribute-based encryption (ABE) from a theoretical tool to a practical tool. Since the first ABE scheme emerges, many schemes have been proposed to solve the problem but the problem remains unsolved yet. The reason is that the overheads of changing an old access policy to a new one are larger than that of generating a ciphertext with the new access policy directly. Recently, in IEEE Transactions on Parallel and Distributed Systems (DOI:10.1109/TPDS.2014.2380373), Yang et al. proposed a multi-authority ciphertext-policy (CP) ABE scheme with ciphertext updating function. The authors declared that the access policy of the ciphertext can be dynamically modified with the old ciphertext and the scheme is correct, complete, secure, and efficient. However, after revisiting this paper, we found that the scheme is not correct under the system model defined by the authors. Some necessary algorithms are missing such that users cannot decrypt the updated ciphertexts. Moreover, if new algorithms are added into the system model to ensure that the scheme is correct, complete, and secure, the scheme will be not as efficient as the authors declared. Consequently, the scheme fails to achieve the claimed results.
Metadata
- Available format(s)
- -- withdrawn --
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Contact author(s)
- yuanwei @ iie ac cn
- History
- 2016-07-06: withdrawn
- 2016-07-04: received
- See all versions
- Short URL
- https://ia.cr/2016/668
- License
-
CC BY