Abstract
Attribute-based encryption (ABE) with outsourced decryption not only allows fine-grained and versatile sharing of encrypted data, but also largely mitigates the decryption overhead and the ciphertext size in the standard ABE schemes. Very recently, Xu et al. (2016) [3] proposed a hybrid ciphertext-policy ABE with verifiable outsourced decryption in which the authors claimed that the correctness of the outsourced decryption can be verified by the user. Unfortunately, after carefully revisiting the scheme, we found that Xu et al.'s scheme is not secure against forgery attack, hence, a security vulnerability appears. Our proposed attack demonstrates that anyone can forge or tamper a valid ciphertext with a different message to replace the original ciphertext the user intends to decrypt.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
