Abstract
Cloud storage is a new computing paradigm that allows users to store their data in the cloud and access them anytime anywhere through the Internet. To address the various security issues that may arise in the cloud storage accessed by a large number of users, cryptographic encryption should be considered. Currently, researches on revocable attribute-based encryption (RABE) systems, which provide user revocation function and ciphertext update function by extending attribute-based encryption (ABE) systems that provide access control to ciphertexts, are actively being studied. Recently, Xu et al. proposed a new RABE scheme that combines ABE and identity-based encryption (IBE) schemes to efficiently handle ciphertext update and user revocation functionality. In this paper, we show that there is a serious security problem in Xu et al.’s RABE scheme such that a cloud server can obtain the plaintext information of stored ciphertexts by gathering invalidated credentials of revoked users. Additionally, we also show that the RABE scheme of Xu et al. can be secure in a weaker security model where the cloud server cannot obtain any invalidated credentials of revoked users.
Highlights
Cloud storage is a computing paradigm that stores data in a centralized cloud and allows users to access these data anytime anywhere on the Internet using simple client devices
We show that it is possible to break the security of the revocable attribute-based encryption (RABE) scheme of Xu et al [6]
The RABE scheme of Xu et al is described as follows: Setup(1λ, N, T, n): Let λ be the security parameter, N be the maximum number of users, T be the bounded system life time, and n be the maximum number of attributes
Summary
Cloud storage is a computing paradigm that stores data in a centralized cloud and allows users to access these data anytime anywhere on the Internet using simple client devices. The RABE scheme of Xu et al is described as follows: Setup(1λ, N , T , n): Let λ be the security parameter, N be the maximum number of users, T be the bounded system life time, and n be the maximum number of attributes It obtains a bilinear group (p, G, GT , e) by running G(1λ) where p is prime order of the groups. Encrypt(S, t, m, PP): Let S be an attribute set, t be time, and m be a message It obtains an encoded string et by running CTEncode(t, T ). A data owner who has a message m can create an original ciphertext CTt at time t by running Encrypt and he securely sends CTt to the cloud server for storing it in cloud storage. The data user can decrypt the ciphertext CTt by running Decrypt if he has a private key and his private key SKid is not yet revoked in a key update KUt on time t
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
