Lattice-based multi-authority ciphertext-policy attribute-based searchable encryption with attribute revocation for cloud storage

Abstract

Multi-authority attribute-based searchable encryption (MABSE) is an flexible and efficient way to securely share and search encrypted data. Compared with single-authority systems, MABSE has more complex access control policies and key management mechanism. However, most existing MABSE schemes rely on traditional number-theoretic assumptions, which maybe vulnerable to attack in the era of quantum-computers. Besides, the effective revocation of user attributes is also crucial in searchable encryption. To overcome these challenges, this paper proposes a new multi-authority ciphertext-policy attribute-based searchable encryption scheme for securely sharing encrypted data in the cloud. By calling Shamir’s threshold secret-sharing technology twice, we achieve co-management of the master key by attribute authorities and interactive generation of user private keys. Furthermore, the KUNodes algorithm is employed for attribute revocation, offering a mechanism to update private keys for non-revoked users. Compared to other schemes, MCP-ABSE-AR introduces multiple attribute authorities responsible for managing user attributes collectively. Additionally, it provides functionalities for keyword searching and attribute revocation. Finally, the proposed scheme is proved to be semantically secure under the decision learning with errors problem in the standard model.