Abstract
In this comment paper, we point out a security flaw in a data access control system which is built on ciphertext-policy attribute-based encryption (CP-ABE) and attribute-based signature schemes. In particular, we show that the underlying CP-ABE is vulnerable to the collusion attack. As a result, malicious users can collaborate to decrypt a ciphertext, which they are not authorized to decrypt.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have