Abstract
Multiauthority ciphertext-policy attribute-based encryption (MA-CP-ABE) is a promising technique for secure data sharing in cloud storage. As multiple users with same attributes have same decryption privilege in MA-CP-ABE, the identity of the decryption key owner cannot be accurately traced by the exposed decryption key. This will lead to the key abuse problem, for example, the malicious users may sell their decryption keys to others. In this paper, we first present a traceable MA-CP-ABE scheme supporting fast access and malicious users’ accountability. Then, we prove that the proposed scheme is adaptively secure under the symmetric external Diffie–Hellman assumption and fully traceable under the q -Strong Diffie–Hellman assumption. Finally, we design a traceable and revocable MA-CP-ABE system for secure and efficient cloud storage from the proposed scheme. When a malicious user leaks his decryption key, our proposed system can not only confirm his identity but also revoke his decryption privilege. Extensive efficiency analysis results indicate that our system requires only constant number of pairing operations for ciphertext data access.
Highlights
In recent years, the rise of the Internet of things [1] promotes the application and development of sensor technology [2,3,4]
We assume an adversary A breaks our T-MA-ciphertext-policy attribute-based encryption (CP-ABE) scheme in the random oracle model with advantage ε; we build a simulator B that breaks the scheme [20] in the random oracle model with advantage ε. en, we prove our T-MA-CPABE scheme is fully traceable based on the q-SDH assumption by a reduction to a signature scheme [32]
We presented a traceable and revocable MACP-ABE system in the prime order groups
Summary
The rise of the Internet of things [1] promotes the application and development of sensor technology [2,3,4]. Xiong et al [22] presented a revocable MA-ABE with outsourced decryption These schemes did not consider the trace problem. Zhang et al [16] presented a more efficient traceable MA-CP-ABE in prime order groups Their scheme only achieves statically secure and does not support user revocation. The common efficiency drawback of these schemes is that the number of pairing operations required to decrypt a ciphertext increases linearly with the number of attributes satisfying the access policy, which presents significant challenges for the users who access data by mobile devices. AS represents adaptively secure, MAS represents supporting any monotone access structures, ZST represents zero storage cost for tracing, POG represents constructed in prime order groups, FA represents constant pairing operations for data access, and R represents revocation.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
