TRAK-CPABE: A novel Traceable, Revocable and Accountable Ciphertext-Policy Attribute-Based Encryption scheme in cloud computing

Abstract

Ciphertext Policy Attribute Based Encryption (CPABE) offers fine-grained access control in Cloud Computing environment. It is considered as the most promising one-to-many encryption mechanism. However, a Cloud user can delegate decryption privileges to unauthorized users for profits. The key abuse issue is not the only limit with this model for the reason that when the malicious user has been caught, it cannot be revoked. To address these problems, we propose a Traceable, Revocable, Accountable and Key-escrow free CPABE scheme (TRAK-CPABE). This solution supports white-box traceability and direct revocation. The main idea of this work is to divide the original data after publishing in cloud server. In the case of user revocation, one single slice is affected. Data owner needs to retrieve, re-encrypt and re-publish it. In addition, shared keys will be traced and conflict scenario will be resolved. More, the traceability of TRAK-CPABE depends on the l-Strong Diffie–Hellman (l-SDH) and Indistinguishability under chosen-plaintext attack (IND-CPA. The security of the proposed scheme is proved formally by using the Scyther tool. Furthermore, the experimental results show the efficiency of the proposed solution.