Toggle Main Menu Toggle Search

Open Access padlockePrints

Correction to "Improving Privacy and Security in Decentralizing Multi-Authority Attribute-Based Encryption in Cloud Computing"

Lookup NU author(s): Dr Syh Yuan TanORCiD



This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).


In 2018, Yang et al. proposed a decentralized multi-authority attribute-based encryption scheme for cloud computing applications and proved its security using the dual system encryption technique. In this comment, we show that Yang et al. ’s scheme does not achieve encryption one-wayness under the key-only attack and the user collusion attack, respectively. In the key-only attack, with the knowledge of public parameters only, an adversary can impersonate the attribute authorities to forge user attribute secret keys. In the user collusion attack, malicious users can collude by sharing their secret keys to unauthorizedly decrypt a ciphertext. In order to fix the scheme, we suggest adopting a pairing-based proof of knowledge protocol and the decryption algorithm from Lewko and Water’s ABE scheme.

Publication metadata

Author(s): Tan S

Publication type: Article

Publication status: Published

Journal: IEEE Access

Year: 2019

Volume: 7

Pages: 17045-17049

Online publication date: 23/01/2019

Acceptance date: 26/12/2018

Date deposited: 27/07/2020

ISSN (electronic): 2169-3536

Publisher: IEEE


DOI: 10.1109/ACCESS.2019.2894289


Altmetrics provided by Altmetric