Journal of Computer Science and Technology

, Volume 26, Issue 4, pp 697–710

Provably Secure Role-Based Encryption with Revocation Mechanism


    • Institute of Computer Science and TechnologyPeking University
    • Beijing Key Laboratory of Internet Security TechnologyPeking University
  • Hong-Xin Hu
    • School of Computing, Informatics and Decision Systems EngineeringArizona State University
  • Gail-Joon Ahn
    • School of Computing, Informatics and Decision Systems EngineeringArizona State University
  • Huai-Xi Wang
    • School of Mathematical SciencesPeking University
  • Shan-Biao Wang
    • School of Mathematical SciencesPeking University

DOI: 10.1007/s11390-011-1169-9

Cite this article as:
Zhu, Y., Hu, H., Ahn, G. et al. J. Comput. Sci. Technol. (2011) 26: 697. doi:10.1007/s11390-011-1169-9


Role-Based Encryption (RBE) realizes access control mechanisms over encrypted data according to the widely adopted hierarchical RBAC model. In this paper, we present a practical RBE scheme with revocation mechanism based on partial-order key hierarchy with respect to the public key infrastructure, in which each user is assigned with a unique private-key to support user identification, and each role corresponds to a public group-key that is used to encrypt data. Based on this key hierarchy structure, our RBE scheme allows a sender to directly specify a role for encrypting data, which can be decrypted by all senior roles, as well as to revoke any subgroup of users and roles. We give a full proof of security of our scheme against hierarchical collusion attacks. In contrast to the existing solutions for encrypted file systems, our scheme not only supports dynamic joining and revoking users, but also has shorter ciphertexts and constant-size decryption keys.


cryptographyrole-based encryptionrole hierarchykey hierarchycollusion securityrevocation

Supplementary material

11390_2011_1169_MOESM1_ESM.pdf (69 kb)
(PDF 68.5 KB)

Copyright information

© Springer Science+Business Media, LLC & Science Press, China 2011