Analysis of Hidden-policy Attribute-based Access Control Schemes for Cloud Environment
Sotoudeh, Reihaneh | 2025
- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 57835 (05)
- University: Sharif University of Technology
- Department: Electrical Engineering
- Advisor(s): Eghlidos, Taraneh; Mohajeri, Javad
- Abstract:
- Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising access control mechanism for securing cloud data. In ciphertext-policy attribute-based encryption schemes, an access structure is sent along with each ciphertext to specify authorized recipients. However, this approach can inadvertently expose users' privacy and compromise the integrity of the messages. To address these challenges, hidden-policy attribute-based encryption schemes have been developed. While numerous methods have been proposed to hide the access policy, limited research has comprehensively evaluated their effectiveness, particularly in terms of security and privacy guarantees. In this thesis, we first review and compare various techniques proposed for hiding access policies in CP-ABE schemes. Next, we analyze five hidden-policy attribute-based encryption schemes. The first two are attribute-based encryption schemes with partially hidden access structures. The third and fourth are attribute-based encryption schemes with fully hidden access structures that use the attribute Bloom filter to hide the access structure. However, we demonstrate that in all four schemes, information about the attributes used in the access structure can still leak through the ciphertext, and the access structure can be uncovered through a dictionary attack. As a result, these schemes fail to achieve true policy hiding, contrary to their designers' assertion. Furthermore, our research reveals that the vulnerabilities identified in these four schemes also apply to several other similar schemes. The fifth scheme we analyze is an attribute-based encryption scheme with a partially hidden access structure that boasts higher efficiency than other similar existing schemes. To enhance the efficiency of the decryption algorithm, redundant components are added to both the ciphertext and the user's decryption key. However, by exploiting a weakness in the design of these redundant components, we show that a user with any arbitrary set of attributes can decrypt all ciphertexts within the system. This finding highlights a critical flaw in the scheme's design, undermining its security guarantees.
- Keywords:
- Ciphertext-Policy Attribute-Based Encryption ; Fully Hidden Access Structure ; Hidden-Policy Attribute-Based Encryption ; Attribute Bloom Filter ; Partially Hidden Access Structure