Privacy-Preserving and Traceable Functional Encryption for Inner Product in Cloud Computing

IF 5.3 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Cloud Computing Pub Date : 2025-04-01 DOI:10.1109/TCC.2025.3556925

Muyao Qiu;Jinguang Han;Feng Hao;Chao Sun;Ge Wu

{"title":"Privacy-Preserving and Traceable Functional Encryption for Inner Product in Cloud Computing","authors":"Muyao Qiu;Jinguang Han;Feng Hao;Chao Sun;Ge Wu","doi":"10.1109/TCC.2025.3556925","DOIUrl":null,"url":null,"abstract":"Cloud computing is a distributed infrastructure that centralizes server resources on a platform in order to provide services over the internet. Traditional public-key encryption protects data confidentiality in cloud computing, while functional encryption provides a more fine-grained decryption method, which only reveals a function of the encrypted data. However, functional encryption in cloud computing faces the problem of key sharing. In order to trace malicious users who share keys with others, traceable FE-IP (TFE-IP) schemes were proposed where the key generation center (KGC) knows users’ identities and binds them with different secret keys. Nevertheless, existing schemes fail to protect the privacy of users’ identities. The fundamental challenge to construct a privacy-preserving TFE-IP scheme is that KGC needs to bind a key with a user's identity without knowing the identity. To balance privacy and accountability in cloud computing, we propose the concept of privacy-preserving traceable functional encryption for inner product (PPTFE-IP) and give a concrete construction which offers the features: (1) To prevent key sharing, both a user's identity and a vector are bound together in the key; (2) The KGC and a user execute a two-party secure computing protocol to generate a key without the former knowing anything about the latter's identity; (3) Each user can ensure the integrity and correctness of his/her key through verification; (4) The inner product of the two vectors embedded in a ciphertext and in his/her key can be calculated by an authorized user; (5) Only the tracer can trace the identity embedded in a key. We formally reduce the security of the proposed PPTFE-IP to well-known complexity assumptions, and conduct an implementation to evaluate its efficiency. The novelty of our scheme is to protect the user's privacy and provide traceability if required.","PeriodicalId":13202,"journal":{"name":"IEEE Transactions on Cloud Computing","volume":"13 2","pages":"667-679"},"PeriodicalIF":5.3000,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cloud Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10946832/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Cloud computing is a distributed infrastructure that centralizes server resources on a platform in order to provide services over the internet. Traditional public-key encryption protects data confidentiality in cloud computing, while functional encryption provides a more fine-grained decryption method, which only reveals a function of the encrypted data. However, functional encryption in cloud computing faces the problem of key sharing. In order to trace malicious users who share keys with others, traceable FE-IP (TFE-IP) schemes were proposed where the key generation center (KGC) knows users’ identities and binds them with different secret keys. Nevertheless, existing schemes fail to protect the privacy of users’ identities. The fundamental challenge to construct a privacy-preserving TFE-IP scheme is that KGC needs to bind a key with a user's identity without knowing the identity. To balance privacy and accountability in cloud computing, we propose the concept of privacy-preserving traceable functional encryption for inner product (PPTFE-IP) and give a concrete construction which offers the features: (1) To prevent key sharing, both a user's identity and a vector are bound together in the key; (2) The KGC and a user execute a two-party secure computing protocol to generate a key without the former knowing anything about the latter's identity; (3) Each user can ensure the integrity and correctness of his/her key through verification; (4) The inner product of the two vectors embedded in a ciphertext and in his/her key can be calculated by an authorized user; (5) Only the tracer can trace the identity embedded in a key. We formally reduce the security of the proposed PPTFE-IP to well-known complexity assumptions, and conduct an implementation to evaluate its efficiency. The novelty of our scheme is to protect the user's privacy and provide traceability if required.

查看原文本刊更多论文

云计算中内积的隐私保护和可追踪功能加密

云计算是一种分布式基础设施，它将服务器资源集中在一个平台上，以便通过互联网提供服务。在云计算中，传统的公钥加密保护了数据的机密性，而功能加密提供了一种更细粒度的解密方法，它只揭示了加密数据的一个功能。然而，云计算中的功能加密面临着密钥共享的问题。为了跟踪与他人共享密钥的恶意用户，提出了可跟踪的FE-IP （TFE-IP）方案，其中密钥生成中心（KGC）知道用户的身份并将其与不同的密钥绑定。然而，现有的方案无法保护用户的身份隐私。构建保护隐私的TFE-IP方案的基本挑战是，KGC需要在不知道用户身份的情况下将密钥与用户身份绑定。为了平衡云计算中的隐私和责任，我们提出了保护隐私的可追踪内积功能加密（PPTFE-IP）的概念，并给出了一个具体的结构，该结构具有以下特点：(1)为了防止密钥共享，将用户的身份和向量绑定在密钥中；(2) KGC和用户执行两方安全计算协议生成密钥，而前者不知道后者的身份；(3)每个用户都可以通过验证来保证自己密钥的完整性和正确性；(4)授权用户可以计算密文和密钥中嵌入的两个矢量的内积；(5)只有追踪器可以追踪嵌入密钥的身份。我们将提出的PPTFE-IP的安全性正式降低到众所周知的复杂性假设，并进行了实现以评估其效率。我们方案的新颖之处在于保护用户的隐私，并在需要时提供可追溯性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Cloud Computing Computer Science-Software

CiteScore

9.40

自引率

6.20%

发文量

167

期刊介绍： The IEEE Transactions on Cloud Computing (TCC) is dedicated to the multidisciplinary field of cloud computing. It is committed to the publication of articles that present innovative research ideas, application results, and case studies in cloud computing, focusing on key technical issues related to theory, algorithms, systems, applications, and performance.