Attributes revocation through ciphertext puncturation

Abstract: To address the difficult problem of attribute revocation in attribute-based encryption schemes, a novel method of revoking attributes through ciphertext puncturation is proposed. The method designs a ciphertext puncturation algorithm and uses the ability of the “NOT” operator to negate attributes in a non-monotonic access policy to revoke attributes. First, a non-monotonic access policy is constructed from the attribute revocation list. Then the ciphertext is punctured with this policy using the re-randomization technique. Finally, two policies coexist in the ciphertext to implement access control. No interaction is needed to update private keys: a private key that includes any revoked attribute directly loses its decryption ability, because the ciphertext has been punctured with the non-monotonic access policy containing the revoked attributes. After puncturation, the ciphertext gains forward secrecy and attribute revocation is achieved. Theoretical analysis indicates that the proposed scheme maintains the security level of the attribute-based encryption scheme with non-monotonic access policy and effectively completes attribute revocation.
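The three steps in the abstract, modelled at the access-structure level only, as an added example that is not code from the paper. It contains no cryptography (the re-randomization step is not modelled); the names Ciphertext, puncture, satisfies and can_decrypt and the sample attributes are assumptions made for illustration.

```python
# Added illustration: access-decision logic only, no pairing-based cryptography.
# All names and sample attributes here are hypothetical, not the paper's notation.
from dataclasses import dataclass
from typing import Optional

# Policies are nested tuples:
#   ("attr", name), ("not", p), ("and", p1, p2, ...), ("or", p1, p2, ...)

def satisfies(policy, attrs):
    """Evaluate a (possibly non-monotonic) policy against a key's attribute set."""
    op, *args = policy
    if op == "attr":
        return args[0] in attrs
    if op == "not":
        return not satisfies(args[0], attrs)
    if op == "and":
        return all(satisfies(p, attrs) for p in args)
    if op == "or":
        return any(satisfies(p, attrs) for p in args)
    raise ValueError(f"unknown operator: {op!r}")

def revocation_policy(revoked):
    """Step 1: build NOT r1 AND NOT r2 AND ... from the attribute revocation list."""
    return ("and", *(("not", ("attr", r)) for r in sorted(set(revoked))))

@dataclass(frozen=True)
class Ciphertext:
    access_policy: tuple                       # policy fixed at encryption time
    puncture_policy: Optional[tuple] = None    # non-monotonic policy added later

def puncture(ct, revoked):
    """Step 2: attach the revocation policy (the real scheme also re-randomizes)."""
    return Ciphertext(ct.access_policy, revocation_policy(revoked))

def can_decrypt(ct, key_attrs):
    """Step 3: a key must satisfy both policies carried by the ciphertext."""
    attrs = frozenset(key_attrs)
    if not satisfies(ct.access_policy, attrs):
        return False
    return ct.puncture_policy is None or satisfies(ct.puncture_policy, attrs)

if __name__ == "__main__":
    # Constructed sample policy and keys.
    ct = Ciphertext(("and", ("attr", "doctor"),
                     ("or", ("attr", "cardiology"), ("attr", "oncology"))))
    punctured = puncture(ct, ["contractor"])
    for name, key in [("alice", {"doctor", "cardiology"}),
                      ("bob", {"doctor", "oncology", "contractor"})]:
        print(name, can_decrypt(ct, key), can_decrypt(punctured, key))
```

No key is touched in this model: the key holding the revoked attribute fails only because the punctured ciphertext now carries the second policy.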
