DoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation

Document Type: Original Article

Authors

Faculty of Computer Engineering, University of Isfahan, Isfahan, Iran

Abstract

Security and privacy are major challenges for private data outsourced to cloud storage. Using Attribute-Based Encryption (ABE) for Access Control (AC) provides fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext-Policy ABE (CP-ABE) schemes, especially for mobile and resource-constrained devices in a cloud computing environment, in two respects: a novel authentication mechanism and a new revocation approach. For widespread adoption of ABE on resource-constrained devices, a very lightweight authentication mechanism is required to authenticate a ciphertext before the costly ABE operations begin, in order to thwart Denial-of-Service (DoS) attacks, which attackers use to deplete power and bring down networks. We introduce and address this problem to make the whole network more robust when DoS attacks are present. Moreover, we propose an efficient revocation mechanism, which is a very important challenge in this context. Finally, through a discussion of different aspects of the proposal and extensive experimental results, we show its usefulness.
