Publication Type
Journal Article
Version
submittedVersion
Publication Date
1-2020
Abstract
Attribute-based encryption (ABE) has been regarded as a promising solution in cloud computing services to enable scalable access control without compromising security. Despite these advantages, efficient user revocation has been a challenge in ABE. One suggestion for user revocation is to use a binary tree in the key generation phase of an ABE scheme, which enables a trusted key generation center to periodically distribute key update information to all nonrevoked users over a public channel. This revocation approach reduces the size of key updates from linear to logarithmic in the number of users, but it requires each user to keep a private key of logarithmic size and asks each nonrevoked user to periodically update his/her decryption key for each new time period. To further optimize user revocation in ABE, a server-aided revocable ABE (SR-ABE) scheme has been proposed, in which almost all of the user workload incurred by user revocation is outsourced to an untrusted server, and each user only needs to store a private key of constant size. In addition, SR-ABE does not require any secure channel for key transmission, and a user only needs to perform a small amount of computation to decrypt a ciphertext. In this paper, we revisit the notion of SR-ABE and present a generic construction of SR-ABE, which can transform a revocable ABE (RABE) scheme into an SR-ABE scheme. In addition, we give an instantiation of SR-ABE by applying the generic construction to a concrete RABE scheme, and implement an instantiation of SR-ABE and an RABE scheme to evaluate the performance of SR-ABE.
Keywords
access control, attribute-based encryption, cloud computing, outsourced computation, revocation
Discipline
Information Security
Research Areas
Cybersecurity
Publication
Concurrency and Computation: Practice and Experience
ISSN
1532-0626
Identifier
10.1002/cpe.5680
Publisher
Wiley: 12 months
Citation
CUI, Hui; YUEN, Tsz Hon; DENG, Robert H.; and WANG, Guilin.
Server-aided revocable attribute-based encryption for cloud computing services. (2020). Concurrency and Computation: Practice and Experience.
Available at: https://ink.library.smu.edu.sg/sis_research/5070
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1002/cpe.5680