Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating

Takeru Naruse, Masami Mohri, Yoshiaki Shiraishi
2015 Human-Centric Computing and Information Sciences  
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on a cloud storage system. In CP-ABE, the data owner encrypts data under the access structure over attributes and a set of attributes assigned to users is embedded in user's secret key. A user is able to decrypt if his attributes satisfy the ciphertext's access structure. In CP-ABE, processes of user's attribute revocation and grant are concentrated on the authority and the data owner. In this paper, we
more » ... pose a ciphertext-policy attribute-based encryption scheme delegating attribute revocation processes to Cloud Server by proxy re-encryption. The proposed scheme does not require generations of new secret key when granting attributes to a user and supports any Linear Secret Sharing Schemes (LSSS) access structure. We prove that the proposed scheme is secure against attack by unauthorized users and Cloud Server. Background Sharing of data on a cloud storage has a risk of information leakage caused by service provider's abuse. In order to protect data, the data owner encrypts data shared on the cloud storage so that only authorized users can decrypt. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) [1,2] is suitable for data access control in the cloud storage system. The authority manages the attributes in the system. The data owner chooses an access structure and encrypts message under the access structure. The set of attributes assigned to users is embedded in his secret key. A user is able to decrypt a ciphertext if his attributes satisfy the ciphertext's access structure. There are user's attribute revocation and grant in CP-ABE. In simple processes of user's attribute revocation, when his attributes are revoked, the data owner re-encrypts the shared data so that revoked user cannot decrypt. Then, the authority redistributes new secret keys so that other users can decrypt. In simple processes of user's attribute grant, the authority generates a new secret key. These simple processes are concentrated on the data owner and the authority.
doi:10.1186/s13673-015-0027-0 fatcat:d74dfshzubfg7byu4yyywsx4dy