New directly revocable attribute-based encryption scheme and its application in cloud storage environment

Abstract

Attribute-based encryption (ABE) is a special type of cryptosystem, which provide encryption and decryption functions based on users attributes. Due to the functionality and flexibility of ABE, it is considered to be suitable for providing data security and privacy preserving security in the cloud storage environment. However, lack of user revocation mechanism is considered to be a disadvantage of traditional ABE. In this paper, we study the direct revocation mechanism of ciphertext-policy ABE (CP-ABE), construct a new directly revocable CP-ABE in the composite order group, and prove it to achieve adaptive security using dual system encryption in the standard model. On this basis, we introduce user revocation centre (URC) in this system, and outsource the revocation tasks to URC. Users need not to master the latest revocation list for encrypting, and need not to pay any additional computing for revocation. In addition, when revocation list changes, URC can update the ciphertexts for users. Finally, we introduce how to deploy our schemes in cloud storage environment.