Indexed on: 14 Mar '16Published on: 14 Jun '15Published in: Pervasive and Mobile Computing
Ciphertext-policy attribute-based encryption (CP-ABE) is extremely suitable for cloud computing environment in that it enables data owners to make and enforce access policies themselves. However, most of existing CP-ABE schemes suffer severe efficiency drawbacks due to large ciphertext size and computation cost, and hence are not suitable for mobile clouds, where users are usually resource-limited. In this paper, we first present a generic attribute-based data sharing system based on a hybrid mechanism of CP-ABE and a symmetric encryption scheme. Then, we propose a CP-ABE scheme which features constant computation cost and constant-size ciphertexts. The proposed CP-ABE scheme is proven selective-secure in the random oracle model under the decision nn-BDHE assumption, where nn represents the total number of attributes in universe. It can efficiently support AND-gate access policies with multiple attribute values and wildcards. Theoretical analysis and experimental results indicate that the proposed scheme is extremely suitable for data sharing in mobile clouds.