Revocable and Efficient Blockchain-Based Fine-Grained Access Control Against EDoS Attacks in Cloud Storage

Users have become accustomed to storing data on the cloud using ciphertext policy attribute-based encryption (CP-ABE) for fine-grained access control. However, this encryption method does not consider the ability of malicious users to launch thousands of file download requests when launching an economic denial of sustainability attack (EDoS), which may be more expensive for data owners. Existing solutions typically use a cloud server to verify the download permissions of the data users. However, cloud servers are not completely trusted and cloud server providers and colluding data users can still launch an EDoS attack. With our scheme, using CP-ABE, a blockchain is introduced for verifying the download permission of data users. In addition, we propose a new mechanism to solve the problem of malicious user revocations under EDoS attacks by updating the ciphertext and symmetric encryption technology. A formal security proof has demonstrated that the proposed scheme is suitable for plaintext attack security. Theoretical and experimental analyses show that our scheme performs more efficiently than previous methods.