An efficient and provably secure time‐limited key management scheme for outsourced data

Abstract

SummaryA time‐limited data access control scheme allows a user's access to the data files only for a specified time period. A cryptographic solution to the time‐limited access control problem is by encrypting each data group associated with a time period with a distinct key. The data is encrypted by the data owner. The respective decryption keys are then distributed to authorized users by the data owner. A user requires one secret decryption key storage for each authorized time period. To reduce the secret key storage with each user, time‐limited hierarchical key management schemes are generally used. Many such schemes are proposed in the recent years. The objective of these schemes is system efficiency and data security. Construction of such schemes become more challenging when data is outsourced to an untrusted third party service provider. In current work, an efficient and secure time‐limited hierarchical key assignment scheme is proposed for key management suitable for data outsourcing scenario. We compare it with the other recent similar schemes. The scheme is formally proved against the modern stronger security notion called key indistinguishability.