Cluster Computing

, Volume 20, Issue 3, pp 2385–2392 | Cite as

New directly revocable attribute-based encryption scheme and its application in cloud storage environment

  • Hao WangEmail author
  • Zhihua Zheng
  • Lei Wu
  • Ping Li


Attribute-based encryption (ABE) is a special type of cryptosystem, which provide encryption and decryption functions based on users attributes. Due to the functionality and flexibility of ABE, it is considered to be suitable for providing data security and privacy preserving security in the cloud storage environment. However, lack of user revocation mechanism is considered to be a disadvantage of traditional ABE. In this paper, we study the direct revocation mechanism of ciphertext-policy ABE (CP-ABE), construct a new directly revocable CP-ABE in the composite order group, and prove it to achieve adaptive security using dual system encryption in the standard model. On this basis, we introduce user revocation centre (URC) in this system, and outsource the revocation tasks to URC. Users need not to master the latest revocation list for encrypting, and need not to pay any additional computing for revocation. In addition, when revocation list changes, URC can update the ciphertexts for users. Finally, we introduce how to deploy our schemes in cloud storage environment.


Directly revocable CP-ABE Cloud storage Privacy preserving 



This study was funded by the National Natural Science Foundation of China (Grant Numbers 61572294, 61672330, 61602287, 61632020), the Natural Science Foundation of Shandong Province (Grant Number ZR2013FQ021), the Distinguished Young Scholars Fund of Education (No. Yq2013126) , and the Natural Science Foundation of Guangdong Province for Distinguished Young Scholars (2014A030306020).


  1. 1.
    Aiello, W., Lodha, S., Ostrovsky, R.: Fast digital identity revocation (extended abstract). In: Advances in Cryptology—CRYPTO ’98, Proceedings of 18th Annual International Cryptology Conference, Santa Barbara, California, August 23–27, 1998, pp. 137–152 (1998). doi: 10.1007/BFb0055725
  2. 2.
    Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Cryptography and Coding, Proceedings of 12th IMA International Conference, Cryptography and Coding 2009, Cirencester, UK, December 15–17, 2009. pp. 278–300 (2009). doi: 10.1007/978-3-642-10868-6_17
  3. 3.
    Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Pairing-Based Cryptography—Pairing 2009, Proceedings of Third International Conference, Palo Alto, CA, August 12–14, 2009, pp. 248–265 (2009). doi: 10.1007/978-3-642-03298-1_16
  4. 4.
    Beimel, A.: Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa (1996)Google Scholar
  5. 5.
    Chase, M.: Multi-authority attribute based encryption. In: Theory of Cryptography, Proceedings of 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, February 21–24, 2007, pp. 515–534 (2007)Google Scholar
  6. 6.
    Cui, H., Deng, R.H., Li, Y., Qin, B.: Server-aided revocable attribute-based encryption. In: Computer Security—ESORICS 2016. Proceedings of 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26–30, 2016, Part II, pp. 570–587 (2016). doi: 10.1007/978-3-319-45741-3_29
  7. 7.
    Fu, Z., Ren, K., Shu, J., Sun, X., Huang, F.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst. 27(9), 2546–2559 (2016). doi: 10.1109/TPDS.2015.2506573
  8. 8.
    Fu, Z., Sun, X., Liu, Q., Zhou, L., Shu, J.: Achieving efficient cloud search services: Multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. 98-B(1), 190–200 (2015).
  9. 9.
    Garg, S., Gentry, C., Halevi, S., Sahai, A., Waters, B.: Attribute-based encryption for circuits from multilinear maps. In: Advances in Cryptology—CRYPTO 2013. Proceedings of 33rd Annual Cryptology Conference, Santa Barbara, CA, August 18–22, 2013. Part II, pp. 479–499 (2013). doi: 10.1007/978-3-642-40084-1_27
  10. 10.
    Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Automata, Languages and Programming, 35th International Colloquium, ICALP 2008, Reykjavik, Iceland, July 7–11, 2008, Proceedings, Part II - Track B: Logic, Semantics, and Theory of Programming & Track C: Security and Cryptography Foundations, pp. 579–591 (2008)Google Scholar
  11. 11.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, October 30–November 3, 2006, pp. 89–98 (2006)Google Scholar
  12. 12.
    Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of 20th USENIX Security Symposium, San Francisco, CA, USA, August 8–12 (2011)Google Scholar
  13. 13.
    He, D., Kumar, N., Chilamkurti, N.K.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321, 263–277 (2015). doi: 10.1016/j.ins.2015.02.010 CrossRefGoogle Scholar
  14. 14.
    He, D., Kumar, N., Shen, H., Lee, J.H.: One-to-many authentication for access control in mobile pay-tv systems. Sci. China Inf. Sci. (2016). doi: 10.1007/s11432-015-5469-5
  15. 15.
    He, D., Wang, D.: Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3), 816–823 (2015). doi: 10.1109/JSYST.2014.2301517 CrossRefGoogle Scholar
  16. 16.
    He, D., Zeadally, S.: Authentication protocol for an ambient assisted living system. IEEE Commun. Mag. 53(1), 71–77 (2015). doi: 10.1109/MCOM.2015.7010518 CrossRefGoogle Scholar
  17. 17.
    He, D., Zeadally, S., Kumar, N., Lee, J.H.: Anonymous authentication for wireless body area networks with provable securit. IEEE Syst. J. (2016). doi: 10.1109/JSYST.2016.2544805
  18. 18.
    He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. (2015). doi: 10.1109/JSYST.2015.2428620
  19. 19.
    Huang, X., Liu, J.K., Tang, S., Xiang, Y., Liang, K., Xu, L., Zhou, J.: Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans. Comput. 64(4), 971–983 (2015). doi: 10.1109/TC.2014.2315619 MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Advances in Cryptology—EUROCRYPT 2010, Proceedings of 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. pp. 62–91 (2010)Google Scholar
  21. 21.
    Lewko, A.B., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Theory of Cryptography, Proceedings of 7th Theory of Cryptography Conference, TCC 2010, Zurich, February 9–11, 2010. pp. 455–479 (2010)Google Scholar
  22. 22.
    Li, J., Chen, X., Li, M., Li, J., Lee, P.P.C., Lou, W.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014). doi: 10.1109/TPDS.2013.284 CrossRefGoogle Scholar
  23. 23.
    Li, J., Huang, Q., Chen, X., Chow, S.S.M., Wong, D.S., Xie, D.: Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22–24, 2011, pp. 386–390 (2011). doi: 10.1145/1966913.1966964
  24. 24.
    Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014)CrossRefGoogle Scholar
  25. 25.
    Li, J., Jia, C., Li, J., Chen, X.: Outsourcing encryption of attribute-based encryption with mapreduce. In: Information and Communications Security, Proceedings of 14th International Conference, ICICS 2012, Hong Kong, China, October 29–31, 2012. pp. 191–201 (2012)Google Scholar
  26. 26.
    Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015). doi: 10.1109/TC.2013.208 MathSciNetCrossRefzbMATHGoogle Scholar
  27. 27.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Advances in Cryptology—CRYPTO 2001. In: Proceedings of 21st Annual International Cryptology Conference, Santa Barbara, California, August 19–23, 2001, pp. 41–62 (2001). doi: 10.1007/3-540-44647-8_3
  28. 28.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, VA, October 28–31, 2007, pp. 195–203 (2007)Google Scholar
  29. 29.
    Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, Ioctober 30–November 3, 2006, pp. 99–112 (2006)Google Scholar
  30. 30.
    Ren, Y., Shen, J., Wang, J., Han, J., Lee, S.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–324 (2015)Google Scholar
  31. 31.
    Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Advances in Cryptology—CRYPTO 2012. Proceedings of 32nd Annual Cryptology Conference, Santa Barbara, CA, August 19–23, 2012. pp. 199–217 (2012). doi: 10.1007/978-3-642-32009-5_13
  32. 32.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology - EUROCRYPT 2005, Proceedings of 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005, pp. 457–473 (2005)Google Scholar
  33. 33.
    Shen, J., Tan, H., Moh, S., Chung, I., Liu, Q., Sun, X.: Enhanced secure sensor association and key management in wireless body area networks. J. Commun. Netw. 17(5), 453–462 (2015). doi: 10.1109/JCN.2015.000083 CrossRefGoogle Scholar
  34. 34.
    Shen, J., Tan, H., Wang, J., Wang, J., Lee, S.: A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1), 171–178 (2015)Google Scholar
  35. 35.
    Shi, Y., Zheng, Q., Liu, J., Han, Z.: Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Inf. Sci. 295, 221–231 (2015). doi: 10.1016/j.ins.2014.10.020 MathSciNetCrossRefzbMATHGoogle Scholar
  36. 36.
    Wang, H., He, D., Shen, J., Zheng, Z., Zhao, C., Zhao, M.: Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computingGoogle Scholar
  37. 37.
    Wang, H., Zheng, Z., Wu, L., Wang, Y.: Adaptively secure outsourcing ciphertext-policy attribute-based encryption. J. Comput. Res. Dev. 52(10), 2270–2280 (2015)Google Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.School of Information Science and EngineeringShandong Normal UniversityJinanChina
  2. 2.School of Computer ScienceGuangzhou UniversityGuangzhouChina

Personalised recommendations