| Attribute revocation is crucial to the practical use of attribute basedencryption. Most of the existing revocable attribute based encryptionschemes suffer in terms of delaying in revocation, coarse-grained attributerevocation or updating keys and ciphertexts. This thesis firstly summarizesthe related works about revocable attribute based encryption, pointing outthe research thinking through comparative analysis. We find out theexisting problems about revoking mechanism under the direct revocationand indirect revocation according to different revocation objects, andpropose corresponding solutions.One is proxy-based immediate attribute revocation key policyattribute based encryption under the indirect model without issuing newkeys or re-encrypting existing ciphertexts. It achieves attribute revocationby introducing a proxy in the decryption process and reduces the burdenfor the key authority. This construction supports fine-grained accesscontrol policies and achieves three kinds of revocation including systemattribute revocation, user revocation and user attribute revocation. Theother one is the scheme of ciphertext policy attribute based encryption thatsupports fine-grained attribute revocation under the direct revocationmodel. It can revoke any number of attributes that user possesses, solvingthe problem of coarse-grained attribute revocation or revoking only oneattribute per encryption. It avoids deviating from the concept of attributebased encryption in the only one existing scheme that supportsfine-grained attribute revocation under the direct revocation model. Finally,we summarize the existing open problems in revocable attribute basedcryptosystems, and prospect the future research directions and development trend. |
PDF Full Text Request