Cloud storage is a new computing paradigm that allows users to store their data in the cloud and access it anytime, anywhere through the Internet. To address the various security issues that may arise in cloud storage accessed by a large number of users, cryptographic encryption should be considered. Currently, revocable attribute-based encryption (RABE) systems are being actively studied; they extend attribute-based encryption (ABE) systems, which provide access control over ciphertexts, with user revocation and ciphertext update functions. Recently, Xu et al. proposed a new RABE scheme that combines ABE and identity-based encryption (IBE) schemes to efficiently handle ciphertext update and user revocation. In this paper, we show that there is a serious security problem in Xu et al.'s RABE scheme: a semi-trusted cloud storage can decrypt a ciphertext by colluding with a revoked user. Therefore, the RABE scheme of Xu et al. is not able to provide meaningful security in cloud storage.