Secure Efficient Revocable Large Universe Multi-Authority Attribute-Based Encryption for Cloud-Aided IoT

Abstract

With the help of cloud computing, the ubiquitous and diversified Internet of things (IoT) has greatly improved human society. Revocable multi-authority attribute-based encryption (MA-ABE) is considered a promising technique to solve the security challenges on data access control in the dynamic IoT since it can achieve dynamic access control over the encrypted data. However, on the one hand, the existing revocable large universe MA-ABE suffers the collusion attack launched by revoked users and non-revoked users. On the other hand, the user collusion avoidance revocable MA-ABE schemes do not support large attributes (or users) universe, i.e. the flexible number of attributes (or users). In this article, the author proposes an efficient revocable large universe MA-ABE based on prime order bilinear groups. The proposed scheme supports user-attribute revocation, i.e., the revoked user only loses one or more attributes, and she/he can access the data so long as her/his remaining attributes satisfy the access policy. It is static security in the random oracle model under the q-DPBDHE2 assumption. Moreover, it is secure against the collusion attack launched by revoked users and non-revoked users. Meanwhile, it meets the requirements of forward and backward security. The limited-resource users can choose outsourcing decryption to save resources. The performance analysis results indicate that it is suitable for large-scale cross-domain collaboration in the dynamic cloud-aided IoT.