Multi-authority and revocable attribute-based encryption scheme
- LI Yan-ping, QI Yan-jiao, ZHANG Kai, WEI Xu-guang
JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE). 2018, 53(7):
Most existing attribute-based encryption schemes are based on a single authority; that is, only one authority in the system issues keys to users. A curious authority can infer a user's identity, occupation and other private information from the user's attributes. In particular, if the single authority suffers a malicious attack, private keys may leak and the confidentiality of cloud data may be breached. To avoid these two kinds of problems, this paper introduces multiple authorities. Different authorities manage different attributes and distribute the attribute keys to users, which greatly decreases a single authority's workload, improves the protection of users' private data, and solves the key escrow problem that arises with a single or abusive authority. AND, OR and Threshold are flexibly realized using an access tree, and the user identity is set in the access tree to achieve direct user revocation. When a revocation occurs, the system only needs to update parts of the ciphertext, without updating the attribute keys, thus reducing the computational overhead for messages held in cloud storage. Finally, the proposed scheme is proved secure under the chosen identity attribute attack in the standard model, and its security rests on the hardness assumption of the decision bilinear Diffie-Hellman (DBDH) problem.