Proceedings of the 2015 International Conference on Computer Science and Intelligent Communication

Cryptanalysis of Attribute-Based Data Sharing Scheme for Data Access Security in Cloud Computing

Authors
Aoting Hu, Rui Jiang, Songyang Wu
Corresponding Author
Aoting Hu
Available Online July 2015.
DOI
10.2991/csic-15.2015.74How to use a DOI?
Keywords
Data sharing, CP-ABE, Passive attack, Collusion attack, Revocation
Abstract

With the development and the implementation of the data outsourcing technology in cloud computing, there are increasing demands and concerns for the data access security. Recently, Hur proposed a scheme and claimed the following achievements: 1) the key escrow problem. 2) realizing fine-grained user revocation. However, through our security analysis, there are three security flaws in Hur's scheme. Firstly, the scheme cannot ensure fine-grained user revocation security. We present two attacks, passive attack directed by revoked user and collusion attack, to illustrate its vulnerability, which will lead to disclosing the subsequent encrypted information for a revoked user.Secondly,we find out that the scheme cannot ensureuser secure join as it claimed, which means newly joined user is able to decrypt the message before his joining. Similarly, we present two attacks, passive attack directed by newly joined user and collusion attack, which lead to leakage of previous encrypted data for the new joining user. Thirdly, the key escrow problem cannot be solved completely in the scheme based on Dolev-Yao model, which means there is not any secure channel between the communication entities in, especially between the cloud server and users.Finally, in order to solve the above three security shortages in Hur's scheme, in this paper, we propose three countermeasures, which are efficient to withstand our proposed attacks.

Copyright
© 2015, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the 2015 International Conference on Computer Science and Intelligent Communication
Series
Advances in Computer Science Research
Publication Date
July 2015
ISBN
10.2991/csic-15.2015.74
ISSN
2352-538X
DOI
10.2991/csic-15.2015.74How to use a DOI?
Copyright
© 2015, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Aoting Hu
AU  - Rui Jiang
AU  - Songyang Wu
PY  - 2015/07
DA  - 2015/07
TI  - Cryptanalysis of Attribute-Based Data Sharing Scheme for Data Access Security in Cloud Computing
BT  - Proceedings of the 2015 International Conference on Computer Science and Intelligent Communication
PB  - Atlantis Press
SP  - 307
EP  - 311
SN  - 2352-538X
UR  - https://doi.org/10.2991/csic-15.2015.74
DO  - 10.2991/csic-15.2015.74
ID  - Hu2015/07
ER  -