Abstract:
Attribute-based encryption is a new access control scheme based on cryptography, which is suitable for data sharing. However, the large computational and communication costs of encryption and access policy updating limit the practical application of attribute-based encryption. Moreover, most of proposed outsourcing ABE schemes do not provide a ciphertext correctness verification method for data owners. Thus, an outsourced ABE scheme with dynamic policy updating and real-time verification of ciphertext correctness is proposed to further protect data privacy in an untrusted cloud environment. In the scheme, the design of policy updating references outsourced encryption, which reduces the computational cost of generating update key. The design of ciphertext correctness verification algorithm refers to decryption operation and introduces verification transformation key to make ciphertext verification more efficient. According to different cloud environment models, efficient verification algorithm and strict verification algorithm are designed, which are suitable for honest but curious cloud environment and untrustworthy cloud environment respectively. The scheme is secure against chosen plaintext attack under the standard model. Performance analysis and efficiency comparison show that the computation of local encryption, policy updating and ciphertext verification are reduced, and the scheme is more lightweight, which is suitable for the application of computation-constrained devices in access control scenarios.