Directly Revocable and Verifiable Key-Policy Attribute-based Encryption for Large Universe

For practical data sharing applications, many attributebased encryption (ABE) schemes were proposed with different kinds of properties, such as supporting large universe, revocation, verification and so on. However, existing schemes seldom support these three important properties simultaneously. In this paper, we present a directly revocable and verifiable key-policy ABE scheme for large universe (DRV-KP-ABE). The new scheme supports large universe, and attributes do not need to be enumerated at stage of setup. Meanwhile, our scheme allows the trusted authority to revoke users by only updating the revocation list without interaction with non-revoked users. We use the subset difference method for revocation which greatly improves the broadcast efficiency compared with the complete subtree scheme. In addition, the proposed scheme enables the third party to update ciphertexts with public information, and the auditor assures the third party updated ciphertexts correctly. The DRV-KP-ABE scheme is selectively secure under q-type assumption in the standard model.

[1]  Min-Shiang Hwang,et al.  A Study of Attribute-based Proxy Re-encryption Scheme in Cloud Environments , 2014, Int. J. Netw. Secur..

[2]  Dong Hoon Lee,et al.  Efficient revocable identity-based encryption via subset difference methods , 2017, Des. Codes Cryptogr..

[3]  S M ChowSherman,et al.  Server-aided signatures verification secure against collusion attack , 2013 .

[4]  Dengguo Feng,et al.  Towards Attribute Revocation in Key-Policy Attribute Based Encryption , 2011, CANS.

[5]  Yi Mu,et al.  Provably secure server-aided verification signatures , 2011, Comput. Math. Appl..

[6]  Jiqiang Liu,et al.  Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation , 2015, Inf. Sci..

[7]  Zhen Liu,et al.  Practical Attribute-Based Encryption: Traitor Tracing, Revocation and Large Universe , 2016, Comput. J..

[8]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[9]  Hideki Imai,et al.  Conjunctive Broadcast and Attribute-Based Encryption , 2009, Pairing.

[10]  Wang Zhenyu,et al.  A Policy-based De-duplication Mechanism for Securing Cloud Storage , 2015 .

[11]  Hideki Imai,et al.  Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes , 2009, IMACC.

[12]  Jin Li,et al.  Efficient attribute-based data sharing in mobile clouds , 2016, Pervasive Mob. Comput..

[13]  K. Kuppusamy,et al.  An expressive and provably secure Ciphertext-Policy Attribute-Based Encryption , 2014, Inf. Sci..

[14]  Kwangsu Lee,et al.  Self-updatable encryption with short public parameters and its extensions , 2016, Des. Codes Cryptogr..

[15]  Robert H. Deng,et al.  Attribute-Based Encryption With Verifiable Outsourced Decryption , 2013, IEEE Transactions on Information Forensics and Security.

[16]  Jitendra Singh,et al.  Cyber-Attacks in Cloud Computing: A Case Study , 2014 .

[17]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[18]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[19]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[20]  Cheng-Chi Lee,et al.  A Survey on Attribute-based Encryption Schemes of Access Control in Cloud Environments , 2013, Int. J. Netw. Secur..

[21]  Jin Li,et al.  Anonymous attribute-based encryption supporting efficient decryption test , 2013, ASIA CCS '13.

[22]  Fagen Li,et al.  Blind Expressive Ciphertext Policy Attribute Based Encryption for Fine Grained Access Control on the Encrypted Data , 2015, Int. J. Netw. Secur..

[23]  Jianfeng Ma,et al.  Efficient algorithms for secure outsourcing of bilinear pairings , 2015, Theor. Comput. Sci..

[24]  Brent Waters,et al.  Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption , 2012, IACR Cryptol. ePrint Arch..

[25]  Sébastien Canard,et al.  Delegating a Pairing Can Be Both Secure and Efficient , 2014, ACNS.

[26]  Joseph K. Liu,et al.  Identity-Based Server-Aided Decryption , 2011, ACISP.

[27]  Yang Ming,et al.  An Efficient Attribute Based Encryption Scheme with Revocation for Outsourced Data Sharing Control , 2011, 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control.

[28]  Jin Li,et al.  Attribute-Based Data Sharing with Flexible and Direct Revocation in Cloud Computing , 2014, KSII Trans. Internet Inf. Syst..

[29]  Guangjun Liu,et al.  Ciphertext-Policy Hierarchical Attribute-based Encryption for Fine-Grained Access Control of Encryption Data , 2014, Int. J. Netw. Secur..

[30]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[31]  Sourav Mukhopadhyay,et al.  Fully Secure Unbounded Revocable Attribute-Based Encryption in Prime Order Bilinear Groups via Subset Difference Method , 2015, IACR Cryptol. ePrint Arch..