Browse by author
Lookup NU author(s): Dr Syh Yuan TanORCiD
This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).
In 2018, Yang et al. proposed a decentralized multi-authority attribute-based encryption scheme for cloud computing applications and proved its security using the dual system encryption technique. In this comment, we show that Yang et al. ’s scheme does not achieve encryption one-wayness under the key-only attack and the user collusion attack, respectively. In the key-only attack, with the knowledge of public parameters only, an adversary can impersonate the attribute authorities to forge user attribute secret keys. In the user collusion attack, malicious users can collude by sharing their secret keys to unauthorizedly decrypt a ciphertext. In order to fix the scheme, we suggest adopting a pairing-based proof of knowledge protocol and the decryption algorithm from Lewko and Water’s ABE scheme.
Author(s): Tan S
Publication type: Article
Publication status: Published
Journal: IEEE Access
Online publication date: 23/01/2019
Acceptance date: 26/12/2018
Date deposited: 27/07/2020
ISSN (electronic): 2169-3536
Altmetrics provided by Altmetric