Ciphertext Policy Attribute-based Encryption Scheme Supporting Attribute Level User Revocation Under Large Universe

WANG Jianhua; WANG Guangbo; XU Kaiyong

doi:10.11999/JEIT170199

Volume 39 Issue 12

Dec. 2017

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2017 > 39(12): 3013-3022

WANG Jianhua, WANG Guangbo, XU Kaiyong. Ciphertext Policy Attribute-based Encryption Scheme Supporting Attribute Level User Revocation Under Large Universe[J]. Journal of Electronics & Information Technology, 2017, 39(12): 3013-3022. doi: 10.11999/JEIT170199

Citation:

WANG Jianhua, WANG Guangbo, XU Kaiyong. Ciphertext Policy Attribute-based Encryption Scheme Supporting Attribute Level User Revocation Under Large Universe[J]. Journal of Electronics & Information Technology, 2017, 39(12): 3013-3022. doi: 10.11999/JEIT170199

Citation:

PDF( 567 KB)

Ciphertext Policy Attribute-based Encryption Scheme Supporting Attribute Level User Revocation Under Large Universe

doi: 10.11999/JEIT170199

1.
2.
(Information Science and Technology University, Zhengzhou 450000, China)

Funds:

The National 973 Program of China (2013 CB338001)

Received Date: 2017-03-06
Rev Recd Date: 2017-08-06
Publish Date: 2017-12-19

Abstract

Abstract

Ciphertext-Policy Attribute-Based Encryption (CP-ABE), especially large universe CP-ABE that is not bounded with the attribute set, is getting the more and the more extensive application to the cloud storage. However, there exists an important challenge in original large universe CP-ABE, namely dynamic user and attribute revocation. In this paper, a large universe CP-ABE scheme with efficient attribute level user revocation is proposed, namely the revocation to an attribute of some user can not influence the common access of other legitimate attributes. To achieve the revocation, the master key is divided into two parts: delegation key and secret key, which are sent to the cloud provider and user separately. In this scheme proposed, if an attribute is revoked, then the ciphertext corresponding to this attribute should be updated so that only persons who are not revoked will be able to carry out key updating and decrypt the ciphertext successfully. Note that, the proposed scheme is proved selectively secure in the standard model under q-type assumption. Finally, the performance analysis and experimental verification are carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although the proposed scheme increases the Computational load of Storage service Provider (CSP) in order to achieve the attribute revocation, it does not need the participation of Attribute Authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except of the private key, thus saving the storage space greatly.
- Ciphertext-Policy Attribute-Based Encryption (CP-ABE),
- Outsourced decryption,
- Large universe,
- Attribute level user revocation

FullText(HTML)

References(18)

References

YADAV U C. Ciphertext-policy attribute-based encryption with hiding access structure[C]. 2015 IEEE International Advance Computing Conference (IACC), Bangalore, India, 2015: 6-10. doi: 10.1109/IADCC.2015.7154664.

SAHAI A and WATERS B. Fuzzy Identity-Based Encryption [M]. Heidelberg, Berlin, Springer, 2005: 457-473. doi: 10.1007 /11426639_27.

WANG M, ZHANG Z, and CHEN C. Security analysis of a privacy-preserving decentralized ciphertext-policy attribute- based encryption scheme[J]. Concurrency Computation Practice Experience, 2016, 28(4): 1237-1245. doi: 10.1002/ cpe.3623.

NARUSE T, MOHRI M, and SHIRAISHI Y. Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating[J]. Human-centric Computing and Information Sciences, 2015, 5(1): 1-13. doi: 10.1186/s13673-015-0027-0.

LEWKO A, OKAMOTO T, SAHAI A, et al. Fully Secure Functional Encryption: Attribute-based Encryption and (Hierarchical) inner Product Encryption[M]. Heidelberg, Berlin, Springer, 2010: 62-91. doi: 10.1007/978-3-642-13190- 5_4.

RAHULAMATHAVAN Y, VELURU S, HAN J, et al. User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption[J]. IEEE Transactions on Computers, 2016, 65(9): 2939-2946. doi: 10.1109/TC.2015.2510646.

LEWKO A and WATERS B. Unbounded HIBE and attribute-based encryption[C]. International Conference on Theory and Applications of Cryptographic Techniques: Advances in Cryptology, Tallinn, Estonia, 2011: 547-567.

ROUSELAKIS Y and WATERS B. Practical constructions and new proof methods for large universe attribute-based encryption[C]. ACM Sigsac Conference on Computer Communications Security, Berlin, Germany, 2013: 463-474.

OSTROVSKY R, SAHAI A, and WATERS B. Attribute- based encryption with non-monotonic access structures[C]. CCS 07 ACM Conference on Computer Communications Security, Alexandria, Virginia, USA, 2007: 195-203.

STADDON J, GOLLE P, et al. A content-driven access control system[C]. Proceedings of the 7th Symposium on Identity and Trust on the Internet, Gaithersburg, Maryland, USA, 2008: 26-35.

LIANG X, LU R, and LIN X. Ciphertext policy attribute based encryption with efficient revocation[OL]. https:// www.ResearchGate.net/publication/255670422, 2010.

BETHENCOURT J, SAHAI A, and WATERS B. Ciphertext-policy attribute-based encryption[C]. IEEE Symposium on Security and Privacy, Oakland, California, USA, 2007: 321-334.

BOLDYREVA A, GOYAL V, and KUMAR V. Identity- based encryption with efficient revocation[C]. ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, 2008: 417-426.

PIRRETTI M, TRAYNOR P, MCDANIEL P, et al. Secure attribute-based systems[C]. ACM Conference on Computer and Communications Security, Alexandria, VA, USA, 2006: 799-837.

YANG K, JIA X, and REN K. Attribute-based fine-grained access control with efficient revocation in cloud storage systems[C]. ACM Sigsac Symposium on Information, Computer and Communications Security, Denver, Colorado, 2015: 523-528.

HUR J and NOH D K. Attribute-based access control with efficient revocation in data outsourcing systems[J]. IEEE Transactions on Parallel Distributed Systems, 2011, 22(7): 1214-1221.

BONEH D and BOYEN X. Efficient selective-ID Secure identity-based encryption without random oracles[C]. Advancesin Cryptology-EUROCRYPT 2004, Lecture Notes in Computer Science, Berlin, Heidelberg, 2004, 3027: 223-238.

DAN B, GENTRY C, and WATERS B. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys[M]. Heidelberg, Berlin, Springer, 2005: 258-275.

Relative Articles

Supplements(0)

Cited By

Proportional views