Attribute based data sharing with attribute revocation

Shucheng Yu, Cong Wang, Kui Ren, Wenjing Lou

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

553 Scopus citations

Abstract

Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. In CP-ABE, each user is associated with a set of attributes and data are encrypted with access structures on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the ciphertext access structure. Beside this basic property, practical applications usually have other requirements. In this paper we focus on an important issue of attribute revocation which is cumbersome for CP-ABE schemes. In particular, we resolve this challenging issue by considering more practical scenarios in which semi-trustable on-line proxy servers are available. As compared to existing schemes, our proposed solution enables the authority to revoke user attributes with minimal effort. We achieve this by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Formal analysis shows that our proposed scheme is provably secure against chosen ciphertext attacks. In addition, we show that our technique can also be applicable to the Key-Policy Attribute Based Encryption (KP-ABE) counterpart.

Original languageEnglish
Title of host publicationProceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010
Pages261-270
Number of pages10
DOIs
StatePublished - 2010
Event5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010 - Beijing, China
Duration: 13 Apr 201016 Apr 2010

Publication series

NameProceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010

Conference

Conference5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010
Country/TerritoryChina
CityBeijing
Period13/04/1016/04/10

Keywords

  • attribute based encryption
  • proxy re-encryption
  • revocation

Fingerprint

Dive into the research topics of 'Attribute based data sharing with attribute revocation'. Together they form a unique fingerprint.

Cite this