论文信息 - Security Analysis of Attribute Revocation in Multi-Authority Data Access Control for Cloud Storage System

Security Analysis of Attribute Revocation in Multi-Authority Data Access Control for Cloud Storage System

Yang et al. [1] have proposed a multi-authority CP-ABE based data access control for cloud storage (DAC-MACS), in which the authors claimed that the mechanism in dealing with attribute revocation could achieve both forward security and backward security. Unfortunately, our further analysis and investigation show that their work adopts a bidirectional re-encryption method in ciphertext updating, so a security vulnerability appears. Our proposed attack method demonstrates that a revoked user can still decrypt new ciphertexts that are claimed to require the new-version secret keys to decrypt.

Kaiping Xue | Wei Li | Jianan Hong

[1] M V Patil,et al. HASBE: A HIERARCHICAL ATTRIBUTE-BASED SOLUTION FOR FLEXIBLE AND SCALABLE ACCESS CONTROL IN CLOUD COMPUTING , 2006 .

[2] Jin Li,et al. Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[3] Brent Waters,et al. Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[4] Xiaohua Jia,et al. DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[5] R.T.Subhalakshmi,et al. Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .