Lattices-Inspired CP-ABE from LWE Scheme for Data Access and Sharing Based on Blockchain
Abstract
1. Introduction
2. Preliminaries
2.1. Notations
2.2. B-Bounded
2.3. Leftover Hash Lemma
2.4. Lattice
2.4.1. Discrete Gaussians
2.4.2. Truncated Discrete Gaussians
2.4.3. Lattice Trapdoors
- ➀ : The lattice generation algorithm is a randomized algorithm. It takes as input the dimensions n, m and the modulus of the matrix, and outputs a matrix together with a lattice trapdoor function .
- ➁ : The pre-sampling algorithm takes as input a matrix , the lattice trapdoor function , a vector , and a parameter , and outputs a vector that satisfies .
2.5. Learning with Errors (LWE)
3. LWE-CP-ABE Scheme
3.1. Algorithm Construction
3.2. Security Model
4. Blockchain-Based LWE-CP-ABE Data Sharing Scheme
4.1. Overview of Blockchain-Based LWE-CP-ABE
4.2. Data Sharing Scheme in Key Management Network and Blockchain Network
Algorithm 1: Setup
Input: the security parameter , the maximum width of an LSSS matrix, and the user attribute set supported by the system; Output: the PK and the MSK.
Algorithm 2: Data Encryption Algorithm
Input: the PK, the plaintext m, and the access control policy ; Output: the CT.
We have:
Algorithm 3: User Attribute Secret Key Generation Algorithm
Input: the MSK and the user's own attribute information ; Output: the user attribute SK.
Compute , then compute ; output the user attribute SK_GID:
SK_GID = ({k_u}_{u ∈ U}, t)
Algorithm 4: Decryption Algorithm
Input: the CT and the user attribute SK_GID; Output: the plaintext m.
5. Analysis of the Scheme
5.1. Analysis of Correctness
5.2. Security Analysis of Algorithm
Security game of the proof: Setup phase; Key query phase; Challenge phase.
5.3. Analysis of Security on the Blockchain
5.4. Comparative Analysis of Performance
5.5. Analysis of Experimental Simulation
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Huang, S.; Chen, W.; Fan, B. Data security sharing method based on CP-ABE and blockchain. Comput. Syst. Appl. 2019, 28, 79–86.
- Wang, X.; Jiang, X.; Li, Y. Model for data access control and sharing based on blockchain. J. Softw. 2019, 30, 1661–1669.
- Yang, T.Y.; Cai, J.L.; Zhang, Y.W. Privacy preserving scheme in block chain with provably secure based on SM9 algorithm. J. Softw. 2019, 30, 1692–1704.
- Zyskind, G.; Nathan, O. Decentralizing privacy: Using blockchain to protect personal data. In Proceedings of the 2015 IEEE Security and Privacy Workshops, San Jose, CA, USA, 21–22 May 2005.
- Zhang, Q.H. Research on Identification and Access Control in Blockchain; Beijing Jiaotong University: Beijing, China, 2018.
- Xu, Y.; Xiao, S.; Wang, H. Redactable Blockchain-based Secure and Accountable Data Management. IEEE Trans. Netw. Serv. Manag. 2023, 1, 1.
- Tian, Y.L.; Yang, K.D.; Wang, Z. Algorithm of blockchain data provenance based on ABE. J. Commun. 2019, 40, 101–111.
- Fan, Y.; Lin, X.; Liang, W. Trace Chain: A blockchain-based scheme to protect data confidentiality and traceability. Softw. Pract. Exp. 2019, 52, 115–129.
- Wang, H.; Song, Y. Secure cloud based EHR system using attribute-based cryptosystem and blockchain. J. Med. Syst. 2018, 42, 152.
- Sammy, F.; Maria, C.V.S. An Efficient Blockchain Based Data Access with Modified Hierarchical Attribute Access Structure with CP-ABE Using ECC Scheme for Patient Health Record. Secur. Commun. Netw. 2022, 2022, 1–11.
- Xu, Y.; Liu, Z.; Zhang, C. Blockchain-based Trustworthy Energy Dispatching Approach for High Renewable Energy Penetrated Power System. IEEE Internet Things J. 2022, 9, 10036–10047.
- Zhang, Y.; He, D.B.; Kim, K.R.C. BaDS: Blockchain-based architecture for data sharing with ABS and CP-ABE in IoT. Wirel. Commun. Mob. Comput. 2018, 2018, 1–9.
- Sahai, A.; Waters, B. Fuzzy identity-based encryption. In Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 22–26 May 2005.
- Goyal, V.; Pandey, O.; Sahai, A. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, VA, USA, 30 October–3 November 2006.
- Wang, Y.; Fan, K. Effective CP-ABE with Hidden Access Policy. J. Comput. Res. Dev. 2019, 56, 2151–2159.
- Zhou, Z.; Huang, D.; Wang, Z. Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans. Comput. 2015, 64, 126–138.
- Yan, G.C.; Ling, L.S. Attribute-based access control for multi-authority systems with constant size ciphertext in clouds. China Commun. 2016, 13, 146–162.
- Phuong, T.V.X.; Yang, G.; Susilo, W. Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans. Inf. Forensics Secur. 2016, 11, 35–45.
- Sushmita, R.; Milos, S.; Amiya, N. Decentralized access control with anonymous authentication of data stored in clouds. IEEE Trans. Parallel Distrib. Syst. 2014, 25, 384–394.
- Bethencourt, J.; Sahai, A.; Waters, B. Ciphertext-policy attribute-based encryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 20–23 May 2007.
- Waters, B. Ciphertext-policy attribute-based encryption: An expressive, efficient and provably secure realization. In Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, 6–9 March 2011.
- Okamoto, T.; Takashima, K. Fully Secure Unbounded Inner-Product and Attribute-Based Encryption. In Proceedings of the 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, 2–6 December 2012.
- Gorbunov, S.; Vaikuntanathan, V.; Wee, H. Attribute-based encryption for circuits. In Proceedings of the Symposium on Theory of Computing (STOC), Palo Alto, CA, USA, 2–4 June 2013.
- Hohenberger, S.; Waters, B. Online/Offline attribute-based encryption. In Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, 26–28 March 2014.
- Rouselakis, Y.; Waters, B. Practical constructions and new proof methods for large universe attribute-based encryption. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany, 4–8 November 2013.
- Pu, Y.W.; Hu, C.Q.; Deng, S.J. R2PEDS: A Recoverable and Revocable Privacy-Preserving Edge Data Sharing Scheme. IEEE Internet Things J. 2020, 7, 8077–8089.
- Gao, S.; Piao, G.R.; Zhu, J.M. TrustAccess: A Trustworthy Secure Ciphertext-Policy and Attribute Hiding Access Control Scheme based on Blockchain. IEEE Trans. Veh. Technol. 2020, 69, 5784–5798.
- Qin, X.M.; Huang, Y.F.; Yang, Z. A Blockchain-based access control scheme with multiple attribute authorities for secure cloud data sharing. J. Syst. Archit. 2020, 112, 101854–101866.
- Zhang, G.F.; Chen, X.; Feng, B. BCST-APTS: Blockchain and CP-ABE Empowered Data Supervision, Sharing, and Privacy Protection Scheme for Secure and Trusted Agricultural Product Traceability System. Secur. Commun. Netw. 2022, 2022, 1–11.
- Ajtai, M. Generating hard instances of lattice problems. In Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, Philadelphia, PA, USA, 22–24 May 1996.
- Regev, O. On lattices, learning with errors, random linear codes, and cryptography. J. ACM 2009, 56, 84–93.
- Qian, X.Y.; Wu, W.Y. Identity-based Encryption Scheme Based on R-SIS/R-LWE. Comput. Sci. 2019, 30, 1692–1704.
- Zhou, Y.H.; Dong, S.S.; Yang, Y.G. A Lattice-based Identity-based Proxy Partially Blind Signature Scheme in the Standard Model. Netinfo Secur. 2021, 21, 37–43.
- Zhang, Y.H.; Hu, Y.P.; Liu, X.M. Zero-knowledge Proofs for Attribute-Based Group Signatures with Verifier-local Revocation Over Lattices. J. Electron. Inf. Technol. 2020, 42, 315–321.
- Datta, P.; Komargodski, I.; Waters, B. Decentralized Multi-Authority ABE for DNFs from LWE. In Advances in Cryptology–EUROCRYPT 2021: 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 17–21 October 2021; Springer: Cham, Switzerland, 2021.
- Sarker, A.; Kermani, M.M.; Azarderakhsh, R. Fault detection architectures for inverted binary ring-LWE construction benchmarked on FPGA. IEEE Trans. Circuits Syst. II Express Briefs 2020, 68, 1403–1407.
- Anastasova, M.; Azarderakhsh, R.; Kermani, M.M. Time-Efficient Finite Field Microarchitecture Design for Curve448 and Ed448 on Cortex-M4. In Proceedings of the International Conference on Information Security and Cryptology, Seoul, Republic of Korea, 30 November–2 December 2022.
- Anastasova, M.; Azarderakhsh, R.; Kermani, M.M. Fast strategies for the implementation of SIKE round 3 on ARM Cortex-M4. IEEE Trans. Circuits Syst. I Regul. Pap. 2021, 68, 4129–4141.
- Sanal, P.; Karagoz, E.; Seo, H. Kyber on ARM64: Compact implementations of Kyber on 64-bit ARM Cortex-A processors. In Proceedings of the Security and Privacy in Communication Networks: 17th EAI International Conference, Canterbury, Great Britain, 6–9 September 2021.
- Niasar, B.M.; Azarderakhsh, R.; Kermani, M.M. Cryptographic accelerators for digital signature based on Ed25519. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 2021, 29, 1297–1305.
- Kermani, M.M.; Azarderakhsh, R.; Aghaie, A. Reliable and error detection architectures of Pomaranch for false-alarm-sensitive cryptographic applications. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 2015, 23, 2804–2812.
- Kermani, M.M.; Masoleh, A.R. Reliable hardware architectures for the third-round SHA-3 finalist Grøstl benchmarked on FPGA platform. In Proceedings of the 2011 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems, Vancouver, BC, Canada, 3–5 October 2011.
- David. UMBRAL: A Threshold Proxy Re-Encryption Scheme. Available online: https://github.com/nucypher/umbral-doc/blob/master/umbral-doc.pdf (accessed on 6 May 2018).
- Aghaie, A.; Kermani, M.M.; Azarderakhsh, R. Fault diagnosis schemes for secure lightweight cryptographic block cipher RECTANGLE benchmarked on FPGA. In Proceedings of the 2016 IEEE International Conference on Electronics, Circuits and Systems (ICECS), Monte Carlo, Monaco, 11–14 December 2016.
- Mohammad, S.R.; Anirban, B.; Shinsaku, K. Decentralized Ciphertext-Policy Attribute-Based Encryption: A Post-Quantum Construction. J. Internet Serv. Inf. Secur. 2017, 7, 3.
- Ben, L. PBC Library. Available online: https://crypto.stanford.edu/pbc/ (accessed on 14 June 2013).
- TruffleSuite. Ganache. Available online: https://github.com/trufflesuite/ganache/ (accessed on 26 April 2023).
Scheme | [7] | [9] | [35,44] | Ours |
---|---|---|---|---|
Blockchain | √ | √ | × | √ |
Privacy Preservation | √ | √ | √ | √ |
Anti-Quantum Attack | × | × | √ | √ |
Provable Security | Not always provable | Provably secure | Provably secure | Provably secure |
Hardness Problem | q-PBDHE | d-DDH problem | LWE, R-LWE | LWE |
Multi-Authority | × | √ | √ | √ |
Access Structure | LSSS | LSSS | LSSS, Hierarchical LSSS | LSSS |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Chen, T.; Ren, Z.; Yu, Y.; Zhu, J.; Zhao, J. Lattices-Inspired CP-ABE from LWE Scheme for Data Access and Sharing Based on Blockchain. Appl. Sci. 2023, 13, 7765. https://doi.org/10.3390/app13137765