Publication Type

Journal Article

Version

acceptedVersion

Publication Date

4-2019

Abstract

Attribute-based encryption (ABE) enables fine-grained access control over encrypted data. A practical and popular approach for handing revocation in ABE is to use the indirect revocation mechanism, in which a key generation centre (KGC) periodically broadcasts key update information for all data users over a public channel. Unfortunately, existing RABE schemes are vulnerable to decryption key exposure attack which has been well studied in the identity-based setting. In this paper, we introduce a new notion for RABE called re-randomizable piecewise key generation by allowing a data user to re-randmomize the combined secret key and the key update to obtain the decryption key, and the secret key is unrecoverable even both the decryption key and the key update are known by the attacker. We then propose a new primitive called re-randomizable attribute-based encryption (RRABE) that can achieve both re-randomizable piecewise key generation and ciphertext delegation. We also refine the existing security model for RABE to capture decryption key exposure resistance and present a generic construction of RABE from RRABE. Finally, by applying our generic transformation, we give a concrete RABE scheme achieving decryption key exposure resistance and ciphertext delegation simultaneously.

Keywords

Access control, Attribute-based encryption, Revocable storage, Ecryption key exposure

Discipline

Programming Languages and Compilers | Software Engineering

Publication

Information Sciences

Volume

479

First Page

116

Last Page

134

ISSN

0020-0255

Identifier

10.1016/j.ins.2018.11.031

Publisher

Elsevier

Additional URL

https://doi.org/10.1016/j.ins.2018.11.031

Download

Share

COinS