Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating

Research paper by Takeru Naruse, Masami Mohri, Yoshiaki Shiraishi

Indexed on: 22 Mar '15Published on: 22 Mar '15Published in: Human-centric Computing and Information Sciences


Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on a cloud storage system. In CP-ABE, the data owner encrypts data under the access structure over attributes and a set of attributes assigned to users is embedded in user’s secret key. A user is able to decrypt if his attributes satisfy the ciphertext’s access structure. In CP-ABE, processes of user’s attribute revocation and grant are concentrated on the authority and the data owner. In this paper, we propose a ciphertext-policy attribute-based encryption scheme delegating attribute revocation processes to Cloud Server by proxy re-encryption. The proposed scheme does not require generations of new secret key when granting attributes to a user and supports any Linear Secret Sharing Schemes (LSSS) access structure. We prove that the proposed scheme is secure against attack by unauthorized users and Cloud Server.