Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage

• Published in: Frontiers of information technology & electronic engineering Vol. 14; no. 2; pp. 85 - 97
• Main Authors: Cheng, Yong, Wang, Zhi-ying, Ma, Jun, Wu, Jiang-jiang, Mei, Song-zhu, Ren, Jiang-chun
• Format: Journal Article
• Language: English
• Published: Heidelberg SP Zhejiang University Press 01.02.2013; Springer Nature B.V
• Subjects: Access control; Algorithms; Aridity; Cloud computing; Communications Engineering; Computer Hardware; Computer Science; Computer Systems Organization and Communication Networks; Cryptography; Customers; Data storage; Electrical Engineering; Electronics and Microelectronics; Encryption; Instrumentation; Networks; Stores; Workload; 学术论文; 期刊; 编辑工作; 英文摘要; TP309.2; Cryptographic access control; Revocation optimization; Cloud storage
• ISSN: 1869-1951; 2095-9184; 1869-196X; 2095-9230
• DOI: 10.1631/jzus.C1200240

It is secure for customers to store and share their sensitive data in the cryptographic cloud storage.However,the revocation operation is a sure performance killer in the cryptographic access control system.To optimize the revocation procedure,we present a new efficient revocation scheme which is efficient,secure,and unassisted.In this scheme,the original data are first divided into a number of slices,and then published to the cloud storage.When a revocation occurs,the data owner needs only to retrieve one slice,and re-encrypt and re-publish it.Thus,the revocation process is accelerated by affecting only one slice instead of the whole data.We have applied the efficient revocation scheme to the ciphertext-policy attribute-based encryption（CP-ABE） based cryptographic cloud storage.The security analysis shows that our scheme is computationally secure.The theoretically evaluated and experimentally measured performance results show that the efficient revocation scheme can reduce the data owner’s workload if the revocation occurs frequently.