2017, 39(12): 3013-3022.
doi: 10.11999/JEIT170199
Abstract:
Ciphertext-Policy Attribute-Based Encryption (CP-ABE), especially large universe CP-ABE that is not bounded with the attribute set, is getting the more and the more extensive application to the cloud storage. However, there exists an important challenge in original large universe CP-ABE, namely dynamic user and attribute revocation. In this paper, a large universe CP-ABE scheme with efficient attribute level user revocation is proposed, namely the revocation to an attribute of some user can not influence the common access of other legitimate attributes. To achieve the revocation, the master key is divided into two parts: delegation key and secret key, which are sent to the cloud provider and user separately. In this scheme proposed, if an attribute is revoked, then the ciphertext corresponding to this attribute should be updated so that only persons who are not revoked will be able to carry out key updating and decrypt the ciphertext successfully. Note that, the proposed scheme is proved selectively secure in the standard model under q-type assumption. Finally, the performance analysis and experimental verification are carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although the proposed scheme increases the Computational load of Storage service Provider (CSP) in order to achieve the attribute revocation, it does not need the participation of Attribute Authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except of the private key, thus saving the storage space greatly.