Abstract
Attribute-based encryption (ABE) is a special type of cryptosystem, which provide encryption and decryption functions based on users attributes. Due to the functionality and flexibility of ABE, it is considered to be suitable for providing data security and privacy preserving security in the cloud storage environment. However, lack of user revocation mechanism is considered to be a disadvantage of traditional ABE. In this paper, we study the direct revocation mechanism of ciphertext-policy ABE (CP-ABE), construct a new directly revocable CP-ABE in the composite order group, and prove it to achieve adaptive security using dual system encryption in the standard model. On this basis, we introduce user revocation centre (URC) in this system, and outsource the revocation tasks to URC. Users need not to master the latest revocation list for encrypting, and need not to pay any additional computing for revocation. In addition, when revocation list changes, URC can update the ciphertexts for users. Finally, we introduce how to deploy our schemes in cloud storage environment.
Similar content being viewed by others
References
Aiello, W., Lodha, S., Ostrovsky, R.: Fast digital identity revocation (extended abstract). In: Advances in Cryptology—CRYPTO ’98, Proceedings of 18th Annual International Cryptology Conference, Santa Barbara, California, August 23–27, 1998, pp. 137–152 (1998). doi:10.1007/BFb0055725
Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Cryptography and Coding, Proceedings of 12th IMA International Conference, Cryptography and Coding 2009, Cirencester, UK, December 15–17, 2009. pp. 278–300 (2009). doi:10.1007/978-3-642-10868-6_17
Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Pairing-Based Cryptography—Pairing 2009, Proceedings of Third International Conference, Palo Alto, CA, August 12–14, 2009, pp. 248–265 (2009). doi:10.1007/978-3-642-03298-1_16
Beimel, A.: Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa (1996)
Chase, M.: Multi-authority attribute based encryption. In: Theory of Cryptography, Proceedings of 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, February 21–24, 2007, pp. 515–534 (2007)
Cui, H., Deng, R.H., Li, Y., Qin, B.: Server-aided revocable attribute-based encryption. In: Computer Security—ESORICS 2016. Proceedings of 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26–30, 2016, Part II, pp. 570–587 (2016). doi:10.1007/978-3-319-45741-3_29
Fu, Z., Ren, K., Shu, J., Sun, X., Huang, F.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst. 27(9), 2546–2559 (2016). doi:10.1109/TPDS.2015.2506573
Fu, Z., Sun, X., Liu, Q., Zhou, L., Shu, J.: Achieving efficient cloud search services: Multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. 98-B(1), 190–200 (2015). http://search.ieice.org/bin/summary.php?id=e98-b_1_190
Garg, S., Gentry, C., Halevi, S., Sahai, A., Waters, B.: Attribute-based encryption for circuits from multilinear maps. In: Advances in Cryptology—CRYPTO 2013. Proceedings of 33rd Annual Cryptology Conference, Santa Barbara, CA, August 18–22, 2013. Part II, pp. 479–499 (2013). doi:10.1007/978-3-642-40084-1_27
Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Automata, Languages and Programming, 35th International Colloquium, ICALP 2008, Reykjavik, Iceland, July 7–11, 2008, Proceedings, Part II - Track B: Logic, Semantics, and Theory of Programming & Track C: Security and Cryptography Foundations, pp. 579–591 (2008)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, October 30–November 3, 2006, pp. 89–98 (2006)
Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of 20th USENIX Security Symposium, San Francisco, CA, USA, August 8–12 (2011)
He, D., Kumar, N., Chilamkurti, N.K.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321, 263–277 (2015). doi:10.1016/j.ins.2015.02.010
He, D., Kumar, N., Shen, H., Lee, J.H.: One-to-many authentication for access control in mobile pay-tv systems. Sci. China Inf. Sci. (2016). doi:10.1007/s11432-015-5469-5
He, D., Wang, D.: Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3), 816–823 (2015). doi:10.1109/JSYST.2014.2301517
He, D., Zeadally, S.: Authentication protocol for an ambient assisted living system. IEEE Commun. Mag. 53(1), 71–77 (2015). doi:10.1109/MCOM.2015.7010518
He, D., Zeadally, S., Kumar, N., Lee, J.H.: Anonymous authentication for wireless body area networks with provable securit. IEEE Syst. J. (2016). doi:10.1109/JSYST.2016.2544805
He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. (2015). doi:10.1109/JSYST.2015.2428620
Huang, X., Liu, J.K., Tang, S., Xiang, Y., Liang, K., Xu, L., Zhou, J.: Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans. Comput. 64(4), 971–983 (2015). doi:10.1109/TC.2014.2315619
Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Advances in Cryptology—EUROCRYPT 2010, Proceedings of 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. pp. 62–91 (2010)
Lewko, A.B., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Theory of Cryptography, Proceedings of 7th Theory of Cryptography Conference, TCC 2010, Zurich, February 9–11, 2010. pp. 455–479 (2010)
Li, J., Chen, X., Li, M., Li, J., Lee, P.P.C., Lou, W.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014). doi:10.1109/TPDS.2013.284
Li, J., Huang, Q., Chen, X., Chow, S.S.M., Wong, D.S., Xie, D.: Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22–24, 2011, pp. 386–390 (2011). doi:10.1145/1966913.1966964
Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014)
Li, J., Jia, C., Li, J., Chen, X.: Outsourcing encryption of attribute-based encryption with mapreduce. In: Information and Communications Security, Proceedings of 14th International Conference, ICICS 2012, Hong Kong, China, October 29–31, 2012. pp. 191–201 (2012)
Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015). doi:10.1109/TC.2013.208
Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Advances in Cryptology—CRYPTO 2001. In: Proceedings of 21st Annual International Cryptology Conference, Santa Barbara, California, August 19–23, 2001, pp. 41–62 (2001). doi:10.1007/3-540-44647-8_3
Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, VA, October 28–31, 2007, pp. 195–203 (2007)
Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, Ioctober 30–November 3, 2006, pp. 99–112 (2006)
Ren, Y., Shen, J., Wang, J., Han, J., Lee, S.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–324 (2015)
Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Advances in Cryptology—CRYPTO 2012. Proceedings of 32nd Annual Cryptology Conference, Santa Barbara, CA, August 19–23, 2012. pp. 199–217 (2012). doi:10.1007/978-3-642-32009-5_13
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology - EUROCRYPT 2005, Proceedings of 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005, pp. 457–473 (2005)
Shen, J., Tan, H., Moh, S., Chung, I., Liu, Q., Sun, X.: Enhanced secure sensor association and key management in wireless body area networks. J. Commun. Netw. 17(5), 453–462 (2015). doi:10.1109/JCN.2015.000083
Shen, J., Tan, H., Wang, J., Wang, J., Lee, S.: A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1), 171–178 (2015)
Shi, Y., Zheng, Q., Liu, J., Han, Z.: Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Inf. Sci. 295, 221–231 (2015). doi:10.1016/j.ins.2014.10.020
Wang, H., He, D., Shen, J., Zheng, Z., Zhao, C., Zhao, M.: Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing
Wang, H., Zheng, Z., Wu, L., Wang, Y.: Adaptively secure outsourcing ciphertext-policy attribute-based encryption. J. Comput. Res. Dev. 52(10), 2270–2280 (2015)
Acknowledgements
This study was funded by the National Natural Science Foundation of China (Grant Numbers 61572294, 61672330, 61602287, 61632020), the Natural Science Foundation of Shandong Province (Grant Number ZR2013FQ021), the Distinguished Young Scholars Fund of Education (No. Yq2013126) , and the Natural Science Foundation of Guangdong Province for Distinguished Young Scholars (2014A030306020).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, H., Zheng, Z., Wu, L. et al. New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Cluster Comput 20, 2385–2392 (2017). https://doi.org/10.1007/s10586-016-0701-7
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-016-0701-7