Flexible revocation in ciphertext-policy attribute-based encryption with verifiable ciphertext delegation

作     者：Deng, Shijie Yang, Gaobo Dong, Wen Xia, Ming 

作者机构：Hunan Univ Sch Informat Sci & Elect Engn Changsha 410082 Peoples R China 

出 版 物：《MULTIMEDIA TOOLS AND APPLICATIONS》 (多媒体工具和应用)

年 卷 期：2023年第82卷第14期

页      面：22251-22274页

核心收录：

学科分类：0808[工学-电气工程] 08[工学] 0835[工学-软件工程] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：National Key R&D Program of China [2018YFB1003205] National Natural Science Foundation of China 

主　　题：Cloud computing Attribute-based encryption Verifiable ciphertext delegation Flexible revocation Access control 

摘      要：Attribute-based encryption (ABE) is a promising approach to enables fine-grained access control for encrypted data in cloud storage. However, to design a flexible and effective revocation mechanism has always been a tricky problem for ABE, especially for the situations where revocation occurs frequently. In this work, we propose a practical attribute-based access control scheme by introducing ciphertext-policy attribute-based encryption (CP-ABE) that allows the trusted authority (TA) to efficiently manage the credentials of data users. The problem of revocation is solved efficiently by exploiting user binary tree. To achieve flexible revocation, our scheme supports both attribute revocation and user revocation to accommodate different revocation needs. Non-revoked users can still decrypt the ciphertext as long as his/her remaining attributes satisfy the access policy associated with the ciphertext. Moreover, verifiable ciphertext delegation is presented to reduce the heavy computation cost brought by frequent revocation. The merits of the proposed scheme are proved by comparing its performance and security with the related works.