Server-aided revocable attribute-based encryption

Author

Hui CUI, Singapore Management UniversityFollow
DENG, Robert H., Singapore Management UniversityFollow
Yingjiu LI, Singapore Management UniversityFollow
Baodong QIN, Southwest University of Science and Technology

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

9-2016

Abstract

As a one-to-many public key encryption system, attribute-based encryption (ABE) enables scalable access control over encrypted data in cloud storage services. However, efficient user revocation has been a very challenging problem in ABE. To address this issue, Boldyreva, Goyal and Kumar [5] introduced a revocation method by combining the binary tree data structure with fuzzy identity-based encryption, in which a key generation center (KGC) periodically broadcasts key update information to all data users over a public channel. The Boldyreva-Goyal-Kumar approach reduces the size of key updates from linear to logarithm in the number of users, and it has been widely used in subsequent revocable ABE systems; however, it requires each data user to keep a private key of logarithmic size and all non-revoked data users to periodically update decryption keys for each new time period. To further optimize user revocation in ABE, in this paper, we propose a notion called server-aided revocable ABE (SR-ABE), in which almost all workloads of data users incurred by user revocation are delegated to an untrusted server and each data user only needs to store a key of constant size. We then define a security model for SR-ABE, and present a concrete SR-ABE scheme secure under this model. Interestingly, due to the key embedding gadget employed in the construction of SR-ABE, our SR-ABE scheme does not require any secure channels for key transmission, and also enjoys an additional property in the decryption phase, where a data user only needs to perform one exponentiation computation to decrypt a ciphertext.

Keywords

Revocation, Attribute-based encryption, Server-aided

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Computer security ESORICS 2016: 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26-30: Proceedings

Volume

9879

First Page

570

Last Page

587

ISBN

9783319457406

Identifier

10.1007/978-3-319-45741-3_29

Publisher

Springer

City or Country

Cham

Citation

CUI, Hui; DENG, Robert H.; Yingjiu LI; and QIN, Baodong. Server-aided revocable attribute-based encryption. (2016). Computer security ESORICS 2016: 21st European Symposium on Research in Computer Security, Heraklion, Greece, September 26-30: Proceedings. 9879, 570-587.
Available at: https://ink.library.smu.edu.sg/sis_research/3348

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-319-45741-3_29