On the security of the hierarchical attribute based encryption scheme proposed by Wang et al.
Mohammad Ali, Javad Mohajeri, Mohammad-Reza Sadeghi

TL;DR
This paper critically examines the security of Wang et al.'s hierarchical attribute-based encryption scheme, revealing significant vulnerabilities that compromise confidentiality and access control in cloud environments.
Contribution
The paper identifies and demonstrates critical security flaws in the original CP-HABE scheme, challenging its claimed semantic security and practical applicability.
Findings
The scheme's key delegation mechanism is vulnerable to attacks.
Any user with a single attribute can decrypt any encrypted data.
The original scheme does not provide the intended confidentiality.
Abstract
Ciphertext-policy hierarchical attribute-based encryption (CP-HABE) is a promising cryptographic primitive for enforcing fine-grained access control, with scalable key delegation and user revocation mechanisms, on outsourced encrypted data in a cloud. Wang et al. (2011) proposed the first CP-HABE scheme and showed that the scheme is semantically secure in the random oracle model [4, 5]. Due to some weakness in its key delegation mechanism, we demonstrate, by presenting two attacks, that the scheme does not offer any confidentiality or fine-grained access control. In this way, anyone who has just one attribute can recover any outsourced encrypted data in the cloud.
Taxonomy
Topics: Cryptography and Data Security · Privacy-Preserving Technologies in Data · Cloud Data Security Solutions
