A Stronger Secure Ciphertext Fingerprint-Based Commitment Scheme for Robuster Verifiable OD-CP-ABE in IMCC

Abstract

Outsourced Decryption Attribute-based Encryption (OD-ABE) is emerging as a promising cryptographic tool to provide efficient fine-grained access control for data accessing and sharing in cloud-assisted Intelligent Internet of Mobile Things (IIoMT). Decryption verification is an essential property of OD-ABE to enable the mobile user to verify the precision of the decryption data. Unfortunately, the most representative verification (commitment) algorithms have various security flaws. In this paper, we first indicate that the two state-of-art key-based commitment schemes are vulnerable to “Commitment Extract(Decrypt)-then-Reuse Attack” and “Commitment Impersonation Attack” which demolish the unforgeability of the commitment. Then to cover all the existing attacks to commitment algorithms, we re-define a robuster verifiable security model for verifiable OD-ABE. Subsequently, we invent a ciphertext fingerprint (CTfp) based commitment scheme and give rigorous proof to the proposed commitment scheme including binding, hiding, unforgeability, and non-repudiation (traceability) in the random oracle. Next, we apply our CTfp-based commitment to the widely used OD-ABE schemes to provide them robuster verifiability. Finally, the theoretical comparison and simulation experiments are presented to show our new type of commitment algorithm is more secure and practical.