Towards implementing RSA-based CP-ABE algorithm on Android system : a thesis presented in partial fulfilment of the requirements for the degree of Master of Information Sciences at Massey University, Auckland, New Zealand

Abstract

Cipher-text-Policy Attribute-Based Encryption (CP-ABE) algorithm has been proposed to encrypt and decrypt data based on the matching between attributes and an access policy placed over cipher-text. Using CP-ABE, data owner can encrypt data along with an access policy to enforce a fine-grained access control. To improve the efficiency of performance, this study chose a RSA-based CP-ABE algorithm with an access-tree structure while most existing CP-ABE has been implemented using ECC. This new RSA-based CP-ABE algorithm was implemented in the Linux system in another study while this thesis addresses an implementation strategy on an Android system. To achieve this goal, a simple encryption application was designed for users who want to encrypt and decrypt messages through their mobile devices. This study used Android Studio to create the encryption application. In this cipher program, users input the message they want to encrypt and get the encrypted data through the function button named “CIPHER”, and they also can decrypt the cipher-text in the same way.

There are four main algorithms involved in a CP-ABE scheme. They respectively are setup, key generation, encryption and decryption. During the setup process, the CP-ABE scheme uses the RSA algorithm to choose two prime numbers. These prime numbers are used to a master public key and a master private key. In the key generation algorithm, a secret key is generated for a set of attributes using the master private key. In the encryption step, it creates a cipher-text with an access tree. In the decryption algorithm, if and only if the attributes for the user’s decryption key satisfies this access policy is able to decode the encrypted data. This algorithm uses the construction of lightweight no-paring crypto-system based on RSA, and the construction supports an expressive monotone tree access structure to implement the complex access control as a more generic system. By using this algorithm, the encryption and decryption processes are more efficient and secure.