QS-CPABE: Quantum-Safe CP-ABE with policy hiding and verifiable policy update for cloud storage

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-05-17 DOI:10.1016/j.jisa.2025.104080

Sravya Gudipati , Syamkumar Pasupuleti , Padmavathy R.

{"title":"QS-CPABE: Quantum-Safe CP-ABE with policy hiding and verifiable policy update for cloud storage","authors":"Sravya Gudipati , Syamkumar Pasupuleti , Padmavathy R.","doi":"10.1016/j.jisa.2025.104080","DOIUrl":null,"url":null,"abstract":"<div><div>Ciphertext-Policy Attribute-Based Encryption (CP-ABE) ensures data privacy and fine-grained access control in a cloud environment through its one-to-many encryption feature. However, most of the existing CP-ABE schemes cannot resist quantum attacks as they are constructed from bilinear pairing assumptions. Recently, several lattice-based CP-ABE schemes have been proposed to defend against quantum attacks, but these schemes do not provide mechanisms to hide the policy attributes along with a verifiable policy updating mechanism which is crucial for dynamic access control management in cloud environments. To address these issues, this paper proposes a Quantum-Safe CP-ABE scheme with policy hiding and verifiable policy updates for cloud storage. The security of QS-CPABE is proven against the Chosen Plaintext Attack (CPA) under the Module Learning with Errors (M-LWE) assumptions. The theoretical and experimental analyses demonstrate that QS-CPABE is practical and efficient.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"92 ","pages":"Article 104080"},"PeriodicalIF":3.8000,"publicationDate":"2025-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625001176","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) ensures data privacy and fine-grained access control in a cloud environment through its one-to-many encryption feature. However, most of the existing CP-ABE schemes cannot resist quantum attacks as they are constructed from bilinear pairing assumptions. Recently, several lattice-based CP-ABE schemes have been proposed to defend against quantum attacks, but these schemes do not provide mechanisms to hide the policy attributes along with a verifiable policy updating mechanism which is crucial for dynamic access control management in cloud environments. To address these issues, this paper proposes a Quantum-Safe CP-ABE scheme with policy hiding and verifiable policy updates for cloud storage. The security of QS-CPABE is proven against the Chosen Plaintext Attack (CPA) under the Module Learning with Errors (M-LWE) assumptions. The theoretical and experimental analyses demonstrate that QS-CPABE is practical and efficient.

查看原文本刊更多论文

量子安全的CP-ABE，具有策略隐藏和可验证的云存储策略更新

密码策略属性加密（cipher - policy Attribute-Based Encryption, CP-ABE）通过一对多的加密特性，保证了云环境下的数据隐私和细粒度的访问控制。然而，大多数现有的CP-ABE方案都是基于双线性配对假设构建的，无法抵抗量子攻击。最近，人们提出了几种基于格的CP-ABE方案来防御量子攻击，但这些方案没有提供隐藏策略属性的机制以及可验证的策略更新机制，而这对于云环境中的动态访问控制管理至关重要。为了解决这些问题，本文提出了一种具有策略隐藏和可验证策略更新的云存储量子安全CP-ABE方案。在带有错误的模块学习（M-LWE）假设下，证明了QS-CPABE在抗选择明文攻击（CPA）的安全性。理论分析和实验分析均证明了该方法的实用性和有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.