Article: Expressive ciphertext-policy attribute-based encryption with direct user revocation Journal: International Journal of Embedded Systems (IJES) 2017 Vol.9 No.6 pp.495 - 504 Abstract: Attribute-based encryption enables fine-grained access control on sensitive data with a specific user set. However, traditional ABE schemes cannot satisfy practical requirements of data sharing applications where users may leave or join a system frequently. In this paper, a ciphertext-policy ABE scheme with direct user revocation (DUR-CP-ABE) is proposed. In DUR-CP-ABE, both the private key and the ciphertext contain partial components associated with a user identity and a revocation list, respectively. A user can decrypt a ciphertext if and only if he/she is not in the revocation list and his/her attribute set satisfies the access policy, simultaneously. In addition, whenever revocation events occur, only ciphertext components associated with the revocation list need to be updated. Finally, the DUR-CP-ABE scheme is proved selectively secure under the decisional <i>q</i>-bilinear Diffie-Hellman exponent assumption in the standard model. Compared with the existing revocation-related schemes, the new scheme can achieve high efficiency and ensure the expression ability of access structure. Inderscience Publishers - linking academia, business and industry through research

Title: Expressive ciphertext-policy attribute-based encryption with direct user revocation

Authors: Cuicui Bai; Yinghui Zhang; Hua Ma; Zhenhua Liu

Addresses: School of Mathematics and Statistics, Xidian University, Xi'an 710071, China ' National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China; State Key Laboratory of Cryptology, P.O. Box 5159, Beijing 100878, China; State Key Laboratory of Information Security, Chinese Academy of Sciences, Institute of Information Engineering, Beijing 100093, China ' School of Mathematics and Statistics, Xidian University, Xi'an 710071, China ' School of Mathematics and Statistics, Xidian University, Xi'an 710071, China

Abstract: Attribute-based encryption enables fine-grained access control on sensitive data with a specific user set. However, traditional ABE schemes cannot satisfy practical requirements of data sharing applications where users may leave or join a system frequently. In this paper, a ciphertext-policy ABE scheme with direct user revocation (DUR-CP-ABE) is proposed. In DUR-CP-ABE, both the private key and the ciphertext contain partial components associated with a user identity and a revocation list, respectively. A user can decrypt a ciphertext if and only if he/she is not in the revocation list and his/her attribute set satisfies the access policy, simultaneously. In addition, whenever revocation events occur, only ciphertext components associated with the revocation list need to be updated. Finally, the DUR-CP-ABE scheme is proved selectively secure under the decisional q-bilinear Diffie-Hellman exponent assumption in the standard model. Compared with the existing revocation-related schemes, the new scheme can achieve high efficiency and ensure the expression ability of access structure.

Keywords: attribute-based encryption; ABE; user revocation; access control; data sharing.

DOI: 10.1504/IJES.2017.088035

International Journal of Embedded Systems, 2017 Vol.9 No.6, pp.495 - 504

Received: 30 Aug 2015
Accepted: 23 Dec 2015
Published online: 20 Nov 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Expressive ciphertext-policy attribute-based encryption with direct user revocation

Keep up-to-date