Skip to main content
SpringerLink
Log in

New directly revocable attribute-based encryption scheme and its application in cloud storage environment

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Attribute-based encryption (ABE) is a special type of cryptosystem, which provide encryption and decryption functions based on users attributes. Due to the functionality and flexibility of ABE, it is considered to be suitable for providing data security and privacy preserving security in the cloud storage environment. However, lack of user revocation mechanism is considered to be a disadvantage of traditional ABE. In this paper, we study the direct revocation mechanism of ciphertext-policy ABE (CP-ABE), construct a new directly revocable CP-ABE in the composite order group, and prove it to achieve adaptive security using dual system encryption in the standard model. On this basis, we introduce user revocation centre (URC) in this system, and outsource the revocation tasks to URC. Users need not to master the latest revocation list for encrypting, and need not to pay any additional computing for revocation. In addition, when revocation list changes, URC can update the ciphertexts for users. Finally, we introduce how to deploy our schemes in cloud storage environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Aiello, W., Lodha, S., Ostrovsky, R.: Fast digital identity revocation (extended abstract). In: Advances in Cryptology—CRYPTO ’98, Proceedings of 18th Annual International Cryptology Conference, Santa Barbara, California, August 23–27, 1998, pp. 137–152 (1998). doi:10.1007/BFb0055725

  2. Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Cryptography and Coding, Proceedings of 12th IMA International Conference, Cryptography and Coding 2009, Cirencester, UK, December 15–17, 2009. pp. 278–300 (2009). doi:10.1007/978-3-642-10868-6_17

  3. Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Pairing-Based Cryptography—Pairing 2009, Proceedings of Third International Conference, Palo Alto, CA, August 12–14, 2009, pp. 248–265 (2009). doi:10.1007/978-3-642-03298-1_16

  4. Beimel, A.: Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa (1996)

  5. Chase, M.: Multi-authority attribute based encryption. In: Theory of Cryptography, Proceedings of 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, February 21–24, 2007, pp. 515–534 (2007)

  6. Cui, H., Deng, R.H., Li, Y., Qin, B.: Server-aided revocable attribute-based encryption. In: Computer Security—ESORICS 2016. Proceedings of 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26–30, 2016, Part II, pp. 570–587 (2016). doi:10.1007/978-3-319-45741-3_29

  7. Fu, Z., Ren, K., Shu, J., Sun, X., Huang, F.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst. 27(9), 2546–2559 (2016). doi:10.1109/TPDS.2015.2506573

  8. Fu, Z., Sun, X., Liu, Q., Zhou, L., Shu, J.: Achieving efficient cloud search services: Multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. 98-B(1), 190–200 (2015). http://search.ieice.org/bin/summary.php?id=e98-b_1_190

  9. Garg, S., Gentry, C., Halevi, S., Sahai, A., Waters, B.: Attribute-based encryption for circuits from multilinear maps. In: Advances in Cryptology—CRYPTO 2013. Proceedings of 33rd Annual Cryptology Conference, Santa Barbara, CA, August 18–22, 2013. Part II, pp. 479–499 (2013). doi:10.1007/978-3-642-40084-1_27

  10. Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Automata, Languages and Programming, 35th International Colloquium, ICALP 2008, Reykjavik, Iceland, July 7–11, 2008, Proceedings, Part II - Track B: Logic, Semantics, and Theory of Programming & Track C: Security and Cryptography Foundations, pp. 579–591 (2008)

  11. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, October 30–November 3, 2006, pp. 89–98 (2006)

  12. Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of 20th USENIX Security Symposium, San Francisco, CA, USA, August 8–12 (2011)

  13. He, D., Kumar, N., Chilamkurti, N.K.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321, 263–277 (2015). doi:10.1016/j.ins.2015.02.010

    Article  Google Scholar 

  14. He, D., Kumar, N., Shen, H., Lee, J.H.: One-to-many authentication for access control in mobile pay-tv systems. Sci. China Inf. Sci. (2016). doi:10.1007/s11432-015-5469-5

  15. He, D., Wang, D.: Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3), 816–823 (2015). doi:10.1109/JSYST.2014.2301517

    Article  Google Scholar 

  16. He, D., Zeadally, S.: Authentication protocol for an ambient assisted living system. IEEE Commun. Mag. 53(1), 71–77 (2015). doi:10.1109/MCOM.2015.7010518

    Article  Google Scholar 

  17. He, D., Zeadally, S., Kumar, N., Lee, J.H.: Anonymous authentication for wireless body area networks with provable securit. IEEE Syst. J. (2016). doi:10.1109/JSYST.2016.2544805

  18. He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. (2015). doi:10.1109/JSYST.2015.2428620

  19. Huang, X., Liu, J.K., Tang, S., Xiang, Y., Liang, K., Xu, L., Zhou, J.: Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans. Comput. 64(4), 971–983 (2015). doi:10.1109/TC.2014.2315619

    Article  MathSciNet  MATH  Google Scholar 

  20. Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Advances in Cryptology—EUROCRYPT 2010, Proceedings of 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. pp. 62–91 (2010)

  21. Lewko, A.B., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Theory of Cryptography, Proceedings of 7th Theory of Cryptography Conference, TCC 2010, Zurich, February 9–11, 2010. pp. 455–479 (2010)

  22. Li, J., Chen, X., Li, M., Li, J., Lee, P.P.C., Lou, W.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014). doi:10.1109/TPDS.2013.284

    Article  Google Scholar 

  23. Li, J., Huang, Q., Chen, X., Chow, S.S.M., Wong, D.S., Xie, D.: Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011, Hong Kong, China, March 22–24, 2011, pp. 386–390 (2011). doi:10.1145/1966913.1966964

  24. Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014)

    Article  Google Scholar 

  25. Li, J., Jia, C., Li, J., Chen, X.: Outsourcing encryption of attribute-based encryption with mapreduce. In: Information and Communications Security, Proceedings of 14th International Conference, ICICS 2012, Hong Kong, China, October 29–31, 2012. pp. 191–201 (2012)

  26. Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015). doi:10.1109/TC.2013.208

    Article  MathSciNet  MATH  Google Scholar 

  27. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Advances in Cryptology—CRYPTO 2001. In: Proceedings of 21st Annual International Cryptology Conference, Santa Barbara, California, August 19–23, 2001, pp. 41–62 (2001). doi:10.1007/3-540-44647-8_3

  28. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, VA, October 28–31, 2007, pp. 195–203 (2007)

  29. Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, Ioctober 30–November 3, 2006, pp. 99–112 (2006)

  30. Ren, Y., Shen, J., Wang, J., Han, J., Lee, S.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–324 (2015)

    Google Scholar 

  31. Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Advances in Cryptology—CRYPTO 2012. Proceedings of 32nd Annual Cryptology Conference, Santa Barbara, CA, August 19–23, 2012. pp. 199–217 (2012). doi:10.1007/978-3-642-32009-5_13

  32. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology - EUROCRYPT 2005, Proceedings of 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005, pp. 457–473 (2005)

  33. Shen, J., Tan, H., Moh, S., Chung, I., Liu, Q., Sun, X.: Enhanced secure sensor association and key management in wireless body area networks. J. Commun. Netw. 17(5), 453–462 (2015). doi:10.1109/JCN.2015.000083

    Article  Google Scholar 

  34. Shen, J., Tan, H., Wang, J., Wang, J., Lee, S.: A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1), 171–178 (2015)

    Google Scholar 

  35. Shi, Y., Zheng, Q., Liu, J., Han, Z.: Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Inf. Sci. 295, 221–231 (2015). doi:10.1016/j.ins.2014.10.020

    Article  MathSciNet  MATH  Google Scholar 

  36. Wang, H., He, D., Shen, J., Zheng, Z., Zhao, C., Zhao, M.: Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing

  37. Wang, H., Zheng, Z., Wu, L., Wang, Y.: Adaptively secure outsourcing ciphertext-policy attribute-based encryption. J. Comput. Res. Dev. 52(10), 2270–2280 (2015)

    Google Scholar 

Download references

Acknowledgements

This study was funded by the National Natural Science Foundation of China (Grant Numbers 61572294, 61672330, 61602287, 61632020), the Natural Science Foundation of Shandong Province (Grant Number ZR2013FQ021), the Distinguished Young Scholars Fund of Education (No. Yq2013126) , and the Natural Science Foundation of Guangdong Province for Distinguished Young Scholars (2014A030306020).

Author information

Authors and Affiliations

  1. School of Information Science and Engineering, Shandong Normal University, Jinan, China

    Hao Wang, Zhihua Zheng & Lei Wu

  2. School of Computer Science, Guangzhou University, Guangzhou, China

    Ping Li

Authors
  1. Hao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhihua Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lei Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ping Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hao Wang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, H., Zheng, Z., Wu, L. et al. New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Cluster Comput 20, 2385–2392 (2017). https://doi.org/10.1007/s10586-016-0701-7

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-016-0701-7

Keywords

Search

Navigation