Verifiable Outsourced Decryption of Encrypted Data From Heterogeneous Trust Networks

Cloud-based Internet of Things (IoT) management services can be utilized to acquire data from devices at any point on Earth. Accordingly, controlling access to data managed by possibly untrusted cloud servers is crucial. Attribute-based encryption (ABE) provides flexible access control and the capability to delegate, facilitating decryption operations with high computationally costs to be outsourced to cloud servers. Earlier studies discussed guarantees to the accuracy of delegated computation through various cryptographic encoding techniques, thus helping data receivers verify the precision of outsourced decryption operations. In this article, we investigate two state-of-the-art schemes addressing verifiable outsourced decryption of encrypted data, and show their vulnerability to our verification bypassing attacks. We then propose a securitywise enhanced encoding scheme that disables such attacks. In addition, a rigorous security analysis is conducted, demonstrating the capabilities of the proposed scheme against bypassing attacks. An experimental analysis finds that the method proposed in this article outperforms the two state-of-the-art works by 82% and 87%, respectively, on the encoding computation cost.

Automated summary

This article investigates two state-of-the-art schemes for verifiable outsourced decryption of encrypted data and identifies their vulnerabilities. It then proposes a securitywise enhanced encoding scheme and conducts a rigorous security analysis. Experimental results show that the proposed method outperforms the other two schemes in terms of encoding computation cost.