ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2018, Vol. 55 ›› Issue (6): 1190-1200.doi: 10.7544/issn1000-1239.2018.20170063

Previous Articles     Next Articles

Revocable Attribute Based Encryption in Cloud Storage

Wang Guangbo1, Liu Haitao1, Wang Chenlu1, Wang Pengcheng1, Lian Lin2, Hui Wentao3   

  1. 1(31008 Force, Beijing 100036); 2(61660 Force, Beijing 100036); 3(61046 Force, Beijing 100094)
  • Online:2018-06-01

Abstract: Attribute-based encryption (ABE) scheme which can achieve fine-grained access control is more and more widely used in cloud storage. However, it is an important challenge to solve dynamic user and attribute revocation in the original scheme. In order to solve this problem, this paper proposes a ciphertext-policy ABE (CP-ABE) scheme which can achieve attribute level user attribution, namely if an attribute of some user is revoked, it cannot influence the common access of other legitimate attributes. If an attribute is revoked, the ciphertext corresponding to this attribute should be updated based on the designed broadcast attribute-based encryption scheme so that only the persons whose attributes meet the access strategy and have not been revoked will be able to carry out the key updating and decrypt the ciphertext successfully. Our scheme is proved secure based on the q-Parallel Bilinear Diffie-Hellman Exponent assumption in the standard model, therefore, it has stronger security. In addition, the relative operations associated with the attributes revocation are migrated to the cloud storage provider (CSP) to implement, which reduces the computational load of attribute authority (AA) greatly. Finally, the performance analysis and experimental verification are carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of CSP for achieving the attribute revocation, it does not need the participation of AA, which reduces the computational load of AA. In addition, the user does not need any additional parameters to achieve the attribute revocation except of the private key, thus saving the storage space greatly.

Key words: attribute-based encryption (ABE), data outsourcing, ciphertext policy, revocation, access control

CLC Number: