TSR-ABE: Traceable and Server-Aided Revocable Ciphertext-Policy Attribute-Based Encryption Under Static Assumptions

作     者：Meng, Fei Cheng, Leixiao 

作者机构：Shandong Univ Sch Cyber Sci & Technol Qingdao 266237 Peoples R China Shandong Univ Sch Cyber Sci & Technol Qingdao 266237 Peoples R China 

出 版 物：《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》 (IEEE Trans. Inf. Forensics Secur.)

年 卷 期：2025年第20卷

页      面：955-967页

核心收录：

学科分类：0808[工学-电气工程] 08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：National Natural Science Foundation of China [62402289, 62272269] Natural Science Foundation of Shandong Province [ZR2022QF043, ZR2024QF103] China Postdoctoral Science Foundation [2023M732062] 

主　　题：Servers Cloud computing Glass box Encryption Vectors Costs Complexity theory Access control Outsourcing Generators Attribute-based encryption traceability revocability server-aided static assumption 

摘      要：The cloud server is a versatile platform for data storage, with users increasingly uploading personal data to public servers to circumvent costly local storage. However, the server is not entirely honest, as it may potentially compromise user data privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a highly flexible cryptographic technique for ensuring access control over encrypted data in cloud storage applications. To prevent unauthorized access, traceability and revocability are two necessary requirements for CP-ABE system. Nevertheless, existing white-box traceable and revocable CP-ABE schemes suffer from several imitations: 1) Whether direct revocation or indirect revocation is applied, neither type of the revocation mode is well compatible with the trace function. 2) Moreover, all of the previous white-box traceable CP-ABE schemes rely on non-static assumptions to prove traceability. Ideally, a scheme provably secure under static complexity assumptions is preferable. To deal with these issues, we propose a novel traceable and server-aided revocable CP-ABE (TSR-ABE) scheme based on static assumptions. Specifically, our revocation mode works well with the trace function, and we prove the adaptive chosen-plaintext attack security and traceability of our scheme via the well-known dual system encryption methodology. Compared with many previous traceable CP-ABE schemes, regardless of whether they support revocation or not, we remove the need to introduce an additional l-SDH assumption to prove the traceability of the scheme. In addition, our scheme is more practical due to its lower private key size, lower decryption costs and lower tracing costs. As a result, we strengthen current research from the perspective of both security and efficiency.