Traceable ciphertext-policy attribute-based encryption scheme with attribute level user revocation for cloud storage

• Published in: PloS one Vol. 13; no. 9; p. e0203225
• Main Authors: Wang, Shangping, Guo, Keke, Zhang, Yaling
• Format: Journal Article
• Language: English
• Published: United States Public Library of Science 13.09.2018; Public Library of Science (PLoS)
• Subjects: Access control; Algorithms; Analysis; Biology and Life Sciences; Ciphers; Cloud Computing; Computer and Information Sciences; Computer applications; Computer Security; Data encryption; Data storage; Encryption; Engineering and Technology; Information science; Information storage; Information storage and retrieval; Information systems; Keywords; Medicine and Health Sciences; Network security; Outsourcing; Physical Sciences; Privacy; Research and Analysis Methods; Storage; China
• ISSN: 1932-6203; 1932-6203
• DOI: 10.1371/journal.pone.0203225

In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user may have multiple attributes, and each attribute may be shared simultaneously by many users. The decryption key of an attribute can thus be shared by many users who all possess the attribute. For monetary gain, a malicious authorized user may reveal his/her decryption key to a third party, and it is difficult to trace the owner of primitive secret key from an exposed key. At the same time, this situation may also limit commercial applications of CP-ABE systems. To solve these problems and enable fine-grained access control for the encrypted data, we propose a traceable CP-ABE scheme with attribute-level user revocation for cloud storage (TUR-CPABE). Our scheme enjoys four advantages. First, it has the ability to trace malicious users who have leaked key information from the system. Second, it supports attribute-level user revocation for malicious users and allows ABE fine-grained access control. Third, it allows secret key updates and ciphertext updates to resist collusion attacks between users. Fourth, outsourcing encryption, decryption and attribute revocation are used to reduce the computational burden on data owners, data users and the trust authority, respectively. In addition, our scheme has been proven to be secure against chosen plaintext attacks under a selective access policy based on decisional q - BDHE assumption in the standard model.