Research On Multi-authority Attribute-based Encryption With Revocation

As a new type of public key encryption mechanism,the attribute-based encryption(ABE)mechanism is applicable to cloud storage because of its flexibility,high efficiency and collusion resistance characteristics.In the single authority ABE system,there are some disadvantages,such as the overpressure of the authority and key escrow,which affect the application of the system in the practical situation.Multi-authority ABE allows multiple independent attribute authorities to respectively manage attributes and assign private keys related to attributes,reducing the work pressure of single attribute authority and the dependence on single authority.So far,the research on multi-authority ABE has made some progress,but there are still some problems remained to be further researched.First of all,considering that a user may leave the system or the user's attributes change,the revocation of the user or his attributes is an important problem to be solved in the practical application of ABE.Secondly,the user needs to submit his identity information when he applies private keys from the attribute authorities.However,the malicious authorities may trace the user's attribute set from the user's identity information.In addition,in most of multi-authority ABE schemes,the access structure is sent along with the ciphertext,but the access structure also contains some privacy information,so it is necessary to hide the access structure.In this paper,we mainly focus on the study of multi-authority ABE which supports revocation.Our work is as follows:1.We propose a multi-authority ABE scheme which can support user revocation and large attribute universe.When a revocation event occurs,there is no need to update the private key but to update part of the ciphertext,and this part of the work is done by the cloud server.In the initialization phase,the size of the attribute set does not need to be pre-fixed,and the public parameters do not increase with the increase of the number of attributes.Each attribute authority independently complete the key generation and distribution and there is no cooperation between different attribute authorities.Our scheme is proven to be selectively secure under q-type assumption in the standard model.2.We propose a multi-authority ABE scheme which has the function of privacy protection and supports the attribute revocation.In the stage of key distribution,the user can get the private key from the attribute authority without disclosing the personal identity information.In the encryption and decryption phase,the access structure can be fully hidden.Because the private key is bounded to the user's global identifier(GID),the proposed scheme can resist collusion attacks between unauthorized users.Our scheme is proven to be selectively secure under q-parallel Bilinear Diffie-Hellman Exponent Assumption in the random oracle model.