Server-aided revocable attribute-based encryption

H. Cui; R.H. Deng; Y. Li; B. Qin

doi:10.1007/978-3-319-45741-3_29

Back

Server-aided revocable attribute-based encryption

Book chapter

Peer reviewed

Server-aided revocable attribute-based encryption

H. Cui, R.H. Deng, Y. Li and B. Qin

Computer Security – ESORICS 2016, Vol.9879, pp.570-587

Springer

2016

DOI: https://doi.org/10.1007/978-3-319-45741-3_29

Files and links (1)

url

Link to Published Version *Subscription may be requiredView

Abstract

As a one-to-many public key encryption system, attribute-based encryption (ABE) enables scalable access control over encrypted data in cloud storage services. However, efficient user revocation has been a very challenging problem in ABE. To address this issue, Boldyreva, Goyal and Kumar [5] introduced a revocation method by combining the binary tree data structure with fuzzy identity-based encryption, in which a key generation center (KGC) periodically broadcasts key update information to all data users over a public channel. The Boldyreva-Goyal-Kumar approach reduces the size of key updates from linear to logarithm in the number of users, and it has been widely used in subsequent revocable ABE systems; however, it requires each data user to keep a private key of logarithmic size and all non-revoked data users to periodically update decryption keys for each new time period. To further optimize user revocation in ABE, in this paper, we propose a notion called server-aided revocable ABE (SR-ABE), in which almost all workloads of data users incurred by user revocation are delegated to an untrusted server and each data user only needs to store a key of constant size. We then define a security model for SR-ABE, and present a concrete SR-ABE scheme secure under this model. Interestingly, due to the key embedding gadget employed in the construction of SR-ABE, our SR-ABE scheme does not require any secure channels for key transmission, and also enjoys an additional property in the decryption phase, where a data user only needs to perform one exponentiation computation to decrypt a ciphertext.

Details

Title: Server-aided revocable attribute-based encryption
Authors/Creators: H. Cui (Author/Creator)
R.H. Deng (Author/Creator)
Y. Li (Author/Creator)
B. Qin (Author/Creator)
Contributors: I. Askoxylakis (Editor)
S. Ioannidis (Editor)
S. Katsikas (Editor)
C. Meadows (Editor)
Publication Details: Computer Security – ESORICS 2016, Vol.9879, pp.570-587
Publisher: Springer
Identifiers: 991005543437807891
Murdoch Affiliation: Murdoch University
Language: English
Resource Type: Book chapter

Metrics

70 Record Views

107 Times Cited - Web of Science