Research On Revocable Attribute-Based Encryption Scheme For Large Universe

Nowadays,cloud computing has attracted wide attentions from all walks of life.For one thing,cloud computing can provide powerful computing capabilities for resourceconstrained devices.For another thing,cloud computing allows data users to store and deliver their data in cloud server for ease of sharing.However,cloud computing still confronts with many security issues,such as the confidentiality and access control of stored data.Attribute-based encryption can not only guarantee the data confidentiality,but also support fine-grained and non-interactive access control mechanism of encrypted data.Traditional attribute-based encryption can solve the problem of data sharing in cloud computing,but it still faces some new security issues in practical applications.Firstly,in practical data sharing system,users' keys could be leaked or users often leave the system.It is inevitable to take into account the revocation of users and attributes.However,revocable attribute-based encryption alone cannot prevent revoked users from decrypting ciphertexts that were generated before revocation.Thus a complete solution has to support the revocation and ciphertext updating functionality.Secondly,due to the self-interest,the dishonest cloud server may return incorrect updated ciphertexts to users.Therefore,it is a critical challenge to effectively verify the correctness of updated ciphertexts.In addition,considering the scalability of the system,it is of significance to study large universe attribute-based encryption.Aiming to tackle these problems,the main works of this paper are given as follows:1.A directly revocable and verifiable key-policy attribute-based encryption scheme for large universe is proposed.The proposed scheme supports large universe,in which attributes do not need to be enumerated at the stage of setup and a large number of new attributes can be added to the system at any time.Meanwhile,the scheme allows the trusted authority to revoke users by only updating the revocation list without interaction with non-revoked users.The scheme uses the subset difference method for revocation which greatly improves the broadcast efficiency.In addition,the proposed scheme can update ciphertexts with public information,and verify the correctness of updated ciphertexts.Secure analyses show that the new scheme is proven to be selectively secure under the q-type assumption in the standard model.2.A large universe ciphertext-policy attribute-based encryption scheme is proposed with fully fine-grained attribute revocation.In this scheme,the decryption key is related to the set of attributes and a user's identity.The ciphertext is associated with the access policy and a revocation list.If the user is not in the revocation list which is corresponding with a revoked attribute,then she or he can compute a decryption information segment with respect to this attribute.Then,the user can recover the message by these decryption information segments if and only if all non-revoked attributes satisfy the access policy.The proposed scheme is proven to be selectively secure under the q-type assumption in the standard model.