Attribute-based encryption scheme supporting attribute revocation in cloud storage environment

被引：0

作者：

Sun L. ^{[1
]}

Zhao Z. ^{[2
]}

Wang J. ^{[1
]}

Zhu Z. ^{[1
]}

机构：

[1] The Third Institute, Strategic Support Force Information Engineering University, Zhengzhou

[2] Troops 61516, Beijing

来源：

Tongxin Xuebao/Journal on Communications | 2019年 / 40卷 / 05期

基金：

国家重点研发计划;

关键词：

Attribute revocation; Attribute-based encryption; Cloud storage; Collusion attack; Outsourced decryption;

D O I：

10.11959/j.issn.1000-436x.2019116

中图分类号：

学科分类号：

摘要：

Attribute-based encryption (ABE) scheme is widely used in the cloud storage due to its fine-grained access control. Each attribute in ABE may be shared by multiple users at the same time. Therefore, how to achieve attribute-level user revocation is currently facing an important challenge. Through research, it has been found that some attribute-level user revocation schemes currently can't resist the collusion attack between the revoked user and the existing user. To solve this problem, an attribute-based encryption scheme that supported the immediate attribute revocation was proposed. The scheme could achieve attribute-level user revocation and could effectively resist collusion attacks between the revoked users and the existing users. At the same time, this scheme outsourced complex decryption calculations to cloud service providers with powerful computing ability, which reduced the computational burden of the data user. The scheme was proved secure based on computational Diffie-Hellman assumption in the standard model. Finally, the functionality and efficiency of the proposed scheme were analyzed and verified. The experimental results show that the proposed scheme can safely implement attribute-level user revocation and has the ability to quickly decrypt, which greatly improves the system efficiency. © 2019, Editorial Board of Journal on Communications. All right reserved.

引用

页码：47 / 56

页数：9

共 19 条

[1] Subashini S., Kavitha V., A survey on security issues in service delivery models of cloud computing, Journal of Network and Computer Applications, 34, 1, pp. 1-11, (2011)
[2] Sahai A., Waters B., Fuzzy identity-based encryption, The 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 457-473, (2005)
[3] Yao L., Yang C., Ma J.F., Et al., New user revocation approach based on intermediate agency for cloud data access control, Journal on Communications, 36, 11, pp. 92-101, (2015)
[4] Goyal V., Pandey O., Sahai A., Et al., Attribute-based encryption for fine-grained access control of encrypted data, The 13th ACM Conference on Computer and Communications Security, pp. 89-98, (2006)
[5] Bethencourt J., Sahai A., Waters B., Ciphertext-policy attribute-based encryption, IEEE Symposium on Security and Privacy, pp. 321-334, (2007)
[6] Sookhak M., Yu F.R., Khan M.K., Et al., Attribute-based data access control in mobile cloud computing: Taxonomy and open issues, Future Generation Computer Systems, 72, C, pp. 273-287, (2017)
[7] Li Y., Zeng Z.Y., Zhang X.F., Outsourced decryption scheme supporting attribute revocation, Journal of Tsinghua University (Science & Technology), 53, 12, pp. 1664-1669, (2013)
[8] Pirretti M., Traynor P., Mcdaniel P., Et al., Secure attribute-based systems, The 13th AMC Conference on Computer and Communications Security, pp. 99-112, (2006)
[9] Rafaeli S., Hutchison D., A survey of key management for secure group communication, ACM Computing Surveys, 35, 3, pp. 309-329, (2003)
[10] Ibraimi L., Petkovic M., Nikova S., Et al., Mediated ciphertext-policy attribute-based encryption and its application, The 10th International Workshop on Information Security Applications, pp. 309-323, (2009)

← 1 2 →