Secure, efficient and revocable multi-authority access control system in cloud storage

Multi-Authority Attribute-Based Encryption (MA-ABE) is an emerging cryptographic primitive for enforcing fine-grained attribute-based access control on the outsourced data in cloud storage. However, most of the previous multi-authority attribute-based systems are either proven to be secure in a weak model or lack of efficiency in user revocation. In this paper, we propose MAACS (Multi-Authority Access Control System), a novel multi-authority attribute based data access control system for cloud storage. We construct a new multi-authority ciphertext-policy ABE (MA-CP-ABE) scheme with decryption outsourcing.The decryption overhead for users is largely eliminated by outsourcing the undesirable bilinear pairing operations to the cloud servers. The proposed MA-CP-ABE scheme is proven adaptively secure in the standard model and supports any monotone access policy. We also design an efficient attribute-level user revocation approach with less computation cost. The security analysis, numerical comparisons and implementation results indicate that our MAACS is secure, efficient and scalable. (C) 2016 Elsevier Ltd. All rights reserved.