A revocable attribute-based access control system using blockchain

Abstract

Attribute-based access control is an effective cryptographic mechanism that allows a data owner to perform attribute-level access control over users’ access capabilities. In the application background of blockchain, it is urgent to use attribute-based access control to solve a series of security problems. Although there exist several similar schemes, they do not consider attribute revocation. By adopting the attribute revocation technique based on binary trees, we extended Waters’ ciphertext policy attribute-based encryption (CP-ABE) scheme into a revocable CP-ABE (RCP-ABE) scheme. By combining our RCP-ABE with blockchain, we constructed a revocable attribute-based access control system. The new system supports expressive access control policies and allows the attribute authority to revoke users’ attributes or part of their attributes. The security analysis shows that the new system satisfies several ideal properties, i.e., forward security, backward security, confidentiality, and integrity.