Comments on “Attribute-Based Data Sharing Scheme Revisited in Cloud Computing”
ABSTRACT :
In this letter, we discuss the security weaknesses of Wang et al.'s attribute-based data sharing scheme, published in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2016.2549004). By designing two concrete attacks, we identify two serious security flaws in their scheme. 1) First, we show that their scheme is insecure because any authenticated user can freely tamper with the weight of his own attribute to gain a higher-level decryption privilege and arbitrarily decrypt the ciphertext belonging to another user with a higher attribute weight. 2) Second, we further demonstrate that their scheme is trivially insecure because even if a malicious authenticated user's attributes do not match the access policy of a ciphertext, he/she still has the power to decrypt the ciphertext, i.e., the decryption power is independent of attributes; thus, their scheme is not a rigorous attribute-based scheme. The two weaknesses discovered may render their scheme infeasible for practical deployment. Accordingly, we present a remedy for these issues that preserves all the security features of the original scheme. We hope that our cryptanalysis and remedy scheme may contribute to avoiding similar design flaws in future designs.
EXISTING SYSTEM :
• The existing system uses ciphertext policies, in which confidentiality of the data is achieved using three factors: the data, the encryption algorithm, and the size of the key.
• Existing concepts also rely on third parties, such as key and digital certificate providers and verifiers.
• To ensure information protection against untrusted CSPs, existing arrangements apply cryptographic techniques (e.g., encryption mechanisms). challenging issue, particularly when managing a dynamic client group.
• Besides, most of the existing CP-ABE schemes cannot support attributes with arbitrary state.
DISADVANTAGE :
• Employing a CP-ABE system directly in a cloud application may yield some open problems.
• However, CP-ABE suffers from a potential security risk known as the key escrow problem, whereby the secret keys of users have to be issued by a trusted key authority.
• We propose an improved key issuing protocol to resolve the key escrow problem of CP-ABE in cloud computing.
• To solve the key escrow problem, it generates both parts of system parameter and secret key for each user.
• In addition, an improved key issuing protocol is proposed to resolve the key escrow problem of CP-ABE in cloud computing.
PROPOSED SYSTEM :
• In this paper, we propose a mechanism that deals with revocation and data privacy and makes an Access Control Policy (ACP) for the dynamic user group problem.
• In this paper, the authors propose a policy-preserving EHR system on the basis of CP-ABE.
• The subsequent evaluation of element insert, lookup and recovery shows that their proposed scheme introduces only lightweight overhead cost.
• The proposed scheme not only offers fine-grained authorization of ciphertexts but also protects the identities of users.
• In addition, a new computational problem called the twin-decision BDH problem (tDBDH) is proposed in this paper.
ADVANTAGE :
• The performance analysis and the security proof show that the proposed scheme is able to achieve efficient and secure data sharing in cloud computing.
• We presented the performance and security analyses for the proposed scheme, in which the results demonstrate high efficiency and security of our scheme.
• The cost is reduced by nearly half in theory, which is consistent with the above efficiency analysis.
• Accordingly, how to securely and efficiently share user data is one of the toughest challenges in the scenario of cloud computing.
• The simulation shows that the CP-WABE-RE scheme is efficient both in terms of computation complexity and storage cost.