Abstract

Revocation and renewal of users' access rights are desirable requirements of a practical access control solution. Recently, key-aggregate cryptosystems have attracted significant attention from the research community, due to their elegance and efficiency, as a tool for access control enforcement. However, the key-aggregate encryption schemes proposed so far in the literature are suitable only for enforcing static, predefined access control policies. This paper proposes a novel key-aggregate encryption scheme that efficiently handles dynamic access control policies. The proposed scheme not only has all key-aggregate characteristics, but can also efficiently revoke/add any data class from/to a given aggregate set. Further, unlike conventional key-aggregate cryptosystems, the proposed scheme can introduce a new data class into the cryptosystem without having to initialize it all over again. The proposed scheme requires a constant-length master-secret to be stored by the data owner and is proved IND-CPA secure under standard model assumption. We define forward security for the proposed key-aggregate cryptosystem and formally prove that the proposed construction is secure under the definition of forward security. Performance analysis in a practical dynamic hierarchical access control scenario further confirms the suitability of the proposed scheme for enforcing dynamic access control policies.
