Privacy-Preserving Multi-authority Ciphertext-Policy Attribute-Based Encryption with Revocation

Abstract

Multi-authority attribute-based encryption (ABE) scheme can support the flexible fine-grained sharing of encrypted data and solve a completely trust problem about a single authorization center. However, in the previous multi-authority ABE schemes, the access policy is directly outsourced to the cloud storage server, resulting in the disclosure of access policy privacy. Furthermore, in order to obtain the corresponding secret keys, the user has to submit his global identifier (GID) to each attribute authority (AA). This will compromise the user’s privacy because the malicious authorities can collaborate to trace the user’s GID. In this paper, we propose a new multi-authority ciphertext-policy ABE scheme which can realize efficient attribute-level user revocation. In our scheme, the AA knows nothing about the user’s GID during the generation of the user’s secret key. The new scheme can protect the access policy privacy as the access policy is fully hidden to the cloud storage sever and users. In addition, our scheme supports any monotone access policy and is proven selectively secure.