| Distributed information systems require complex access control which depends upon attributes of protected data and access policies.Traditionally, to enforce the access control, a file server is used to restore all data and acts as a reference to check the user. Apparently, the drawback of this system's security is based on the file server and the data is restored in plaintext. Attribute based encryption(ABE) was introduced first by Sahai and Waters that enables an access control mechanism over encrypted data by specifying the users' attributes. Employs this mechanism, even the file server is compromised, we can still keep the security of the data. Besides the access control, user may be deprived of the ability in some situation, for example pay TV. More previous ABE constructions were proven secure in the selective model of security, and few of them realize revocation of the users' key. This paper will present an ABE scheme that supports revocation and has full security by adapting the dual system encryption methodology.The major contributions include:1. We adapt the dual system encryption technique to ABE case to gain full security. 2. The proof employs a sequence of security games which the ciphertext and queried keys are changed to semi-functional one by one.3. We add the Complete Binary Tree technique to realize user's revocation. |
PDF Full Text Request