Indexed on: 23 Dec '17
Published on: 21 Nov '17
Published in: International Journal of Embedded Systems
Attribute-based encryption enables fine-grained access control on sensitive data with a specific user set. However, traditional ABE schemes cannot satisfy practical requirements of data sharing applications where users may leave or join a system frequently. In this paper, a ciphertext-policy ABE scheme with direct user revocation (DUR-CP-ABE) is proposed. In DUR-CP-ABE, both the private key and the ciphertext contain partial components associated with a user identity and a revocation list, respectively. A user can decrypt a ciphertext if and only if he/she is not in the revocation list and his/her attribute set satisfies the access policy, simultaneously. In addition, whenever revocation events occur, only ciphertext components associated with the revocation list need to be updated. Finally, the DUR-CP-ABE scheme is proved selectively secure under the decisional q-bilinear Diffie-Hellman exponent assumption in the standard model. Compared with the existing revocation-related schemes, the new scheme can achieve high efficiency and ensure the expression ability of access structure.