Abstract
Decentralized ciphertext-policy attribute-based encryption (CP-ABE) is considered a promising cryptographic primitive to enable fine-grained access control over encrypted data. The revocation is a necessary mechanism in real-world access control systems. However, existing revocation mechanisms in CP-ABE either are triggered periodically and cannot revoke users in a timely manner, or require a trusted third-party proxy to assist in revocation. In this work, we present a decentralized CP-ABE scheme that supports periodic attribute-level revocation as well as immediate attribute-level revocation, simultaneously. It means that once an attribute key of a user naturally expires or is identified as leaked, that attribute will be revoked and then become unavailable instantly, remaining the users' other attributes still active. Moreover, we provide optional outsourced decryption capabilities. Resource-constrained users can choose to outsource partial decryption to any third-party proxy without disclosing the underlying plaintext. The performance analysis demonstrates that our proposal is better in functionality compared with existing schemes. Our scheme is proven secure against chosen-plaintext attacks in the random oracle model.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
