Murdoch University Research Repository

Welcome to the Murdoch University Research Repository

The Murdoch University Research Repository is an open access digital collection of research
created by Murdoch University staff, researchers and postgraduate students.

Learn more

Attribute-Based Encryption with Granular Revocation

Cui, H.ORCID: 0000-0002-5820-2233, Deng, R.H., Ding, X. and Li, Y. (2017) Attribute-Based Encryption with Granular Revocation. In: Deng, R., Weng, J., Ren, K. and Yegneswaran, V., (eds.) Security and Privacy in Communication Networks. Springer, pp. 165-181.

Link to Published Version: https://doi.org/10.1007/978-3-319-59608-2_9
*Subscription may be required

Abstract

Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by specifying access policies over attributes associated with private keys or ciphertexts, which is a promising solution to protect data privacy in cloud storage services. As an encryption system that involves many data users whose attributes might change over time, it is essential to provide a mechanism to selectively revoke data users’ attributes in an ABE system. However, most of the previous revokable ABE schemes consider how to disable revoked data users to access (newly) encrypted data in the system, and there are few of them that can be used to revoke one or more attributes of a data user while keeping this user active in the system. Due to this observation, in this paper, we focus on designing ABE schemes supporting selective revocation, i.e., a data user’s attributes can be selectively revoked, which we call ABE with granular revocation (ABE-GR). Our idea is to utilize the key separation technique, such that for any data user, key elements corresponding to his/her attributes are generated separately but are linkable to each other. To begin with, we give a basic ABE-GR scheme to accomplish selective revocation using the binary tree data structure. Then, to further improve the efficiency, we present a server-aided ABE-GR scheme, where an untrusted server is introduced to the system to mitigate data users’ workloads during the key update phase. Both of the ABE-GR constructions are formally proved to be secure under our defined security model.

Item Type: Book Chapter
Publisher: Springer
Copyright: © 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Other Information: Series title: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering; Vol. 198
URI: http://researchrepository.murdoch.edu.au/id/eprint/44050
Item Control Page Item Control Page