{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,2]],"date-time":"2025-12-02T15:03:30Z","timestamp":1764687810012,"version":"build-2065373602"},"reference-count":43,"publisher":"MDPI AG","issue":"10","license":[{"start":{"date-parts":[[2018,10,11]],"date-time":"2018-10-11T00:00:00Z","timestamp":1539216000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61303191","61402508"],"award-info":[{"award-number":["61303191","61402508"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National High Technology Research and Development Program of China","award":["2015AA016010"],"award-info":[{"award-number":["2015AA016010"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"Cryptographic cloud storage (CCS) is a secure architecture built in the upper layer of a public cloud infrastructure. In the CCS system, a user can define and manage the access control of the data by himself without the help of cloud storage service provider. The ciphertext-policy attribute-based encryption (CP-ABE) is considered as the critical technology to implement such access control. However, there still exists a large security obstacle to the implementation of CP-ABE in CCS. That is, how to identify the malicious cloud user who illegally shares his private keys with others or applies his keys to construct a decryption device\/black-box, and provides the decryption service. Although several CP-ABE schemes with black-box traceability have been proposed to address the problem, most of them are not practical in CCS systems, due to the absence of scalability and expensive computation cost, especially the cost of tracing. Thus, we present a new black-box traceable CP-ABE scheme that is scalable and high efficient. To achieve a much better performance, our work is designed on the prime order bilinear groups that results in a great improvement in the efficiency of group operations, and the cost of tracing is reduced greatly to O ( N ) or O ( 1 ) , where N is the number of users of a system. Furthermore, our scheme is proved secure in a selective standard model. To the best of our knowledge, this work is the first such practical and provably secure CP-ABE scheme for CCS, which is black-box traceable.<\/jats:p>","DOI":"10.3390\/sym10100482","type":"journal-article","created":{"date-parts":[[2018,10,12]],"date-time":"2018-10-12T02:58:04Z","timestamp":1539313084000},"page":"482","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Practical, Provably Secure, and Black-Box Traceable CP-ABE for Cryptographic Cloud Storage"],"prefix":"10.3390","volume":"10","author":[{"given":"Huidong","family":"Qiao","sequence":"first","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"},{"name":"College of Computer and Communication, Hunan Institute of Engineering, Xiangtan 411100, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7532-3187","authenticated-orcid":false,"given":"Haihe","family":"Ba","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]},{"given":"Huaizhe","family":"Zhou","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]},{"given":"Zhiying","family":"Wang","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]},{"given":"Jiangchun","family":"Ren","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]},{"given":"Ying","family":"Hu","sequence":"additional","affiliation":[{"name":"College of Computer and Communication, Hunan Institute of Engineering, Xiangtan 411100, China"}]}],"member":"1968","published-online":{"date-parts":[[2018,10,11]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Yun, A., Shi, C., and Kim, Y. (2009, January 9\u201313). On protecting integrity and confidentiality of cryptographic file system for outsourced storage. Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, USA.","DOI":"10.1145\/1655008.1655017"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Bowers, K.D., Juels, A., and Oprea, A. (2009, January 9\u201313). HAIL: A high-availability and integrity layer for cloud storage. Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, USA.","DOI":"10.1145\/1653662.1653686"},{"key":"ref_3","unstructured":"Wang, L., Hayashi, T., Kanamori, S., Waseda, A., Nojima, R., and Moriai, S. (2015, January 12\u201316). PRINCESS: A secure cloud file storage system for managing data with hierarchical levels of sensitivity. Proceedings of the ACM Conference on Computer and Communications Security, Denver, CO, USA."},{"key":"ref_4","unstructured":"Tang, H., Wu, J., Cui, Y., Weng, J., Guan, C., and Ren, K. (June, January 30). Enabling ciphertext deduplication for secure cloud storage and access control. Proceedings of the 11th ACM Asia Conference on Computer and Communications Security, Xi\u2019an, China."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1007\/978-3-642-14992-4_13","article-title":"Cryptographic cloud storage","volume":"6054","author":"Kamara","year":"2010","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"270","DOI":"10.1007\/978-3-319-24177-7_14","article-title":"Accountable authority ciphertext-policy attribute-based encryption with white-box traceability and public auditing in the cloud","volume":"9327","author":"Ning","year":"2015","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Ba, H., Zhou, H., Qiao, H., Wang, Z., and Ren, J. (2018). RIM4J: An Architecture for Language-Supported Runtime Measurement against Malicious Bytecode in Cloud Computing. Symmetry, 10.","DOI":"10.3390\/sym10070253"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"457","DOI":"10.1007\/11426639_27","article-title":"Fuzzy identity-based encryption","volume":"3494","author":"Sahai","year":"2005","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_9","unstructured":"Goyal, V., Pandey, O., Sahai, A., and Waters, B. (November, January 30). Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, WV, USA."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Bethencourt, J., Sahai, A., and Waters, B. (2007, January 20\u201323). Ciphertext-policy attribute-based encryption. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA.","DOI":"10.1109\/SP.2007.11"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Liu, Z., Cao, Z., and Wong, D.S. (2013, January 4\u20138). Blackbox traceable CP-ABE: How to catch people leaking their keys by selling decryption devices on eBay. Proceedings of the ACM Conference on Computer and Communications Security, Berlin, Germany.","DOI":"10.1145\/2508859.2516683"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1109\/TIFS.2014.2363562","article-title":"Traceable CP-ABE: How to trace decryption devices found in the wild","volume":"10","author":"Liu","year":"2015","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"551","DOI":"10.1007\/978-3-319-45741-3_28","article-title":"Traceable CP-ABE with short ciphertexts: How to catch people selling decryption devices on ebay efficiently","volume":"9879","author":"Ning","year":"2016","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"109","DOI":"10.1007\/978-3-319-29814-6_10","article-title":"Traceable CP-ABE on prime order groups: Fully secure and fully collusion-resistant blackbox traceable","volume":"9543","author":"Liu","year":"2016","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.future.2018.05.032","article-title":"Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing","volume":"88","author":"Qiao","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","article-title":"Lower bounds for discrete logarithms and related problems","volume":"1233","author":"Shoup","year":"1997","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"463","DOI":"10.1007\/s10207-017-0376-y","article-title":"Flexible ciphertext-policy attribute-based encryption supporting AND-gate and threshold with short ciphertexts","volume":"17","author":"Jiang","year":"2018","journal-title":"Int. J. Inf. Secur."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/978-3-319-47422-9_2","article-title":"An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures","volume":"10005","author":"Cui","year":"2016","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"354","DOI":"10.1016\/j.ins.2013.12.027","article-title":"An expressive and provably secure Ciphertext-Policy Attribute-Based Encryption","volume":"276","author":"Balu","year":"2014","journal-title":"Inf. Sci."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1007\/978-3-642-21031-0_3","article-title":"Fully secure cipertext-policy hiding CP-ABE","volume":"6672","author":"Lai","year":"2011","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_21","first-page":"38","article-title":"Forward-secure ciphertext-policy attribute-based encryption scheme","volume":"35","author":"Wei","year":"2014","journal-title":"J. Commun."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"4098","DOI":"10.1002\/sec.1326","article-title":"Provably secure unbounded multi-authority ciphertext-policy attribute-based encryption","volume":"8","author":"Li","year":"2015","journal-title":"Secur. Commun. Netw."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Liang, X., Cao, Z., Lin, H., and Xing, D. (2009, January 10\u201312). Provably secure and efficient bounded ciphertext policy attribute based encryption. Proceedings of the 4th International Symposium on ACM Symposium on Information, Computer and Communications Security, ASIACCS\u201909, Sydney, Australia.","DOI":"10.1145\/1533057.1533102"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/978-3-642-00843-6_1","article-title":"Efficient and provable secure ciphertext-policy attribute-based encryption schemes","volume":"5451","author":"Ibraimi","year":"2009","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1988","DOI":"10.1002\/sec.913","article-title":"Fully secure ciphertext policy attribute-based encryption with constant length ciphertext and faster decryption","volume":"7","author":"Doshi","year":"2018","journal-title":"Secur. Commun. Netw."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1007\/978-3-642-00843-6_2","article-title":"A ciphertext-policy attribute-based encryption scheme with constant ciphertext length","volume":"5451","author":"Emura","year":"2009","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"579","DOI":"10.1007\/978-3-540-70583-3_47","article-title":"Bounded ciphertext policy attribute based encryption","volume":"5126","author":"Goyal","year":"2008","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_28","unstructured":"Cheung, L., and Newport, C. (November, January 29). Provably secure ciphertext policy ABE. Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, WV, USA."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"180","DOI":"10.1007\/978-3-642-32009-5_12","article-title":"New proof methods for attribute-based encryption: Achieving full security through selective techniques","volume":"7417","author":"Lewko","year":"2012","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1007\/978-3-642-19379-8_4","article-title":"Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization","volume":"6571","author":"Waters","year":"2011","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_31","first-page":"118","article-title":"A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control","volume":"2009","author":"Li","year":"2009","journal-title":"Iacr Cryptol. Eprint Arch."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Zhou, J., Cao, Z., Dong, X., and Lin, X. (May, January 26). TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems. Proceedings of the 2015 IEEE Conference on Computer Communications (INFOCOM), Hong Kong, China.","DOI":"10.1109\/INFOCOM.2015.7218628"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"32102","DOI":"10.1007\/s11432-016-9019-8","article-title":"Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability","volume":"61","author":"Zhang","year":"2018","journal-title":"Sci. China Inf. Sci."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"1274","DOI":"10.1109\/TIFS.2015.2405905","article-title":"White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes","volume":"10","author":"Ning","year":"2015","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1007\/978-3-319-11212-1_4","article-title":"Large universe ciphertext-policy attribute-based encryption with white-box traceability","volume":"8713","author":"Ning","year":"2014","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"76","DOI":"10.1109\/TIFS.2012.2223683","article-title":"White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures","volume":"8","author":"Liu","year":"2013","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_37","unstructured":"Boneh, D., and Waters, B. (November, January 30). A fully collusion resistant broadcast, trace, and revoke system. Proceedings of the ACM Conference on Computer and Communications Security, Alexandria, WV, USA."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"983","DOI":"10.1093\/comjnl\/bxv101","article-title":"Practical attribute-based encryption: Traitor tracing, revocation and large universe","volume":"59","author":"Liu","year":"2016","journal-title":"Comput. J."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"318","DOI":"10.1007\/978-3-642-29011-4_20","article-title":"Tools for simulating features of composite order bilinear groups in the prime order setting","volume":"7237","author":"Lewko","year":"2012","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_40","unstructured":"Beimel, A. (1996). Secure Schemes for Secret Sharing and Key Distribution. [Ph.D. Thesis, Israel Institute of Technology]."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Barker, E.B., Barker, W.C., Burr, W.E., and Smid, M.E. (2007). Recommendation for Key Management\u2014Part 1.","DOI":"10.6028\/NIST.SP.800-57p1r2007"},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1007\/978-3-642-13190-5_3","article-title":"Converting pairing-based cryptosystems from composite-order groups to prime-order groups","volume":"6110","author":"Freeman","year":"2010","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"De Caro, A., and Iovino, V. (July, January 28). jPBC: Java pairing based cryptography. Proceedings of the 16th IEEE Symposium on Computers and Communications (ISCC 2011), Kerkyra, Greece.","DOI":"10.1109\/ISCC.2011.5983948"}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/10\/482\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:25:05Z","timestamp":1760196305000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/10\/482"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10,11]]},"references-count":43,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2018,10]]}},"alternative-id":["sym10100482"],"URL":"https:\/\/doi.org\/10.3390\/sym10100482","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2018,10,11]]}}}