Proxy-based Immediate Attribute Revocation KP-ABE Scheme

doi:10.3969/j.issn.1000-3428.2014.10.005

Abstract

Abstract:

Attribute revocation is crucial to the practical use of Attribute-based Encryption(ABE). Most of the existing revocable ABE schemes under the indirect revocation model suffer in terms of delaying in revocation or updating keys and ciphertexts. To address this,this paper proposes a proxy-based immediate attribute revocation Key Policy(KP) attributebased encryption under the indirect model without issuing new keys or re-encrypting existing ciphertexts. It achieves attribute revocation by introducing a proxy in the decryption process and reduces the burden for the key authority. The proxy is semi-trusted which revokes user access privileges and cannot decrypt ciphertexts. Analysis results show that the scheme supports fine-grained access control policies and achieves three kinds of revocation including system attribute revocation,user revocation and user attribute revocation．

Key words: Attribute-based Encryption ( ABE ), Key Policy ( KP ), access control, semi-trusted proxy, attribute revocation, immediate revocation

摘要：

属性撤销是属性基加密方案在实际应用中亟须解决的问题,已有支持间接撤销模式的可撤销属性基加密方案存在撤销延时或需要更新密钥及密文等问题。为此,提出一种间接模式下基于代理的支持属性即时撤销的密钥策略属性基加密方案,该方案不需要用户更新密钥及重加密密文,通过在解密过程中引入代理实现撤销管理,减轻了授权机构的工作量,其要求代理为半可信,不支持为撤销用户提供访问权限及解密密文。分析结果表明,该方案支持细粒度访问控制策略,并且可以实现系统属性的撤销、用户的撤销及用户的部分属性撤销。

关键词: 属性基加密, 密钥策略, 访问控制, 半可信代理, 属性撤销, 即时撤销

CLC Number:

TP309. 2

LIN Juan,XUE Qing-shui,CAO Zhen-fu. Proxy-based Immediate Attribute Revocation KP-ABE Scheme[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2014.10.005.

林娟,薛庆水,曹珍富. 基于代理的即时属性撤销KP-ABE 方案[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2014.10.005.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.3969/j.issn.1000-3428.2014.10.005

http://www.ecice06.com/EN/Y2014/V40/I10/20

References

参考文献 [ 1 ]　Sahai A, Waters B. Fuzzy Identity-based Encryption [C] / / Proc. of EUROCRYPT’ 05. Berlin, Germany: Springer-Verlag,2005:237-246. [ 2 ]　Goyal V, Pandey O, Sahai A, et al. Attribute-based Encryption for Fine-grained Access Control of Encrypted Data [ C ] / / Proc. of the 13th ACM Conference on Computer and Communications Security. New York, USA:ACM Press,2006:456-468. [ 3 ]　Bethencourt J, Sahai A, Waters B. Ciphertext-policy Attribute-based Encryption[C] / / Proc. of the 2007 IEEE Conference on Security and Privacy. Washington D. C． , USA:IEEE Computer Society,2007:322-329. [ 4 ]　Attrapadung N, Imai H. Conjunctive Broadcast and Attribute-based Encryption[C] / / Proc. of Pairing-based Cryptography-pairing Conference. Berlin, Germany: Springer-Verlag,2009:487-496. [ 5 ]　Hur J,Noh D K. Attribute-based Access Control with Efficient Revocation in Data Outsourcing Systems[J]. IEEE Transactions on Parallel and Distributed Systems, 2011,22(7):1214-1221. [ 6 ]　Boldyreva A, Goyal V, Kumar V. Identity-based Encryption with Efficient Revocation [ C ] / / Proc. of ACM Conference on Computer and Communications Security. New York,USA:ACM Press,2008:547-558. [ 7 ]　Ibraimi L, Petkovic M, Nikova S, et al. Mediated Ciphertext-policy Attribute-based Encryption and Its Application[C] / / Proc. of the 10th Int’l Workshop on Information Security Applications. Berlin, Germany: Springer-Verlag,2009:157-166. [ 8 ]　Yu Shucheng,Wang Cong. Attribute Based Data Sharing with Attribute Revocation [C] / / Proc. of ASIAN ACM Conference on Computer and Communications Security. New York,USA:ACM Press,2010:621-629. [ 9 ]　Fan C,Huang V,Rung H. Arbitrary-state Attribute-based Encryption with Dynamic Membership [ J ]. IEEE Transactions on Computers,2014,68(3):1951-1961. [10]　Jahid S,Mittal P,Borisov N. EASiER:Encryption-based Access Control in Social Networks with Efficient Revocation[C] / / Proc. of the 6th ACM Symposium on Information, Computer and Communications Security. New York,USA:ACM Press,2011:234-239. [11]　Jahid S,Borisov N. PIRATTE:Proxy-based Immediate Revocation of ATTribute-based Encryption [ EB / OL]. (2012-08-10). http:/ / arxiv. org / pdf / 1208. 4877. pdf. [12]　Naor M,Pinkas B. Efficient Trace and Revoke Schemes [ C ] / / Proc. of Financial Cryptography. Berlin, Germany:Springer,2001:366-378. 编辑　索书志

[1]	Baohua HUANG, Huiying ZHENG, Xi QU, Ningjiang CHEN. Efficient Storage Access Control Scheme for Alliance Chain [J]. Computer Engineering, 2023, 49(8): 37-45.
[2]	TIAN Xiuxia, YANG Mingyi. Smart Contract-Based Access Control Mechanism in Home IoT [J]. Computer Engineering, 2023, 49(3): 18-28.
[3]	LIU Jing, ZHU Bingxu, LIANG Jiahang, REN Nüer, JI Haipeng. Blockchain Access Control Strategy Based on Mainchain and Sidechain Cooperation [J]. Computer Engineering, 2022, 48(3): 10-16,22.
[4]	WANG Jingyu, ZHOU Xuejuan. An Attribute-based Encryption Scheme for Ciphertext Policy that Supports Attribute Revocation [J]. Computer Engineering, 2021, 47(7): 95-100.
[5]	ZHANG Benhong, WU Haohao, YU Lei. Contention-based Time Division Multiple Access MAC Protocol in Vehicular Ad Hoc Networks [J]. Computer Engineering, 2021, 47(5): 154-159.
[6]	ZHANG Jianguo, HU Xiaohui. Research on Improved Access Control Mechanism of Internet of Things Devices Based on Ethereum [J]. Computer Engineering, 2021, 47(4): 32-39,47.
[7]	ZHANG Jianghui, CUI Bo, LI Ru, SHI Jinshan. Access Control System of Internet of Things Based on Smart Contract [J]. Computer Engineering, 2021, 47(4): 21-31.
[8]	ZHAN Changjian, LEI Lei, SHEN Gaoqing, LI Zhilin. Multi-Link Transmission MAC Protocol Suitable for Underwater Acoustic Sensor Network [J]. Computer Engineering, 2021, 47(2): 194-200.
[9]	HUANG Baohua, HUANG Pirong, ZHAO Weihong, PENG Li. Multi-Keyword Searchable Encryption Scheme Supporting Attribute Revocation in Cloud Storage [J]. Computer Engineering, 2021, 47(11): 29-36.
[10]	HAN Shuyan, Nurmamat Helil. CP-ABE Scheme Using Selectively Hidden Tree Access Structure [J]. Computer Engineering, 2020, 46(7): 150-158.
[11]	HUANG Fengming, TU Shanshan, MENG Yuan. Attribute-Based Encryption Scheme Supporting Outsourcing and Revocation in Fog Computing [J]. Computer Engineering, 2020, 46(5): 34-40.
[12]	LI Minzheng, ZI Wenbin, WANG Hao. Research on TDMA Time Slot Allocation Protocol in MAC Layer of LoRa Wireless Network [J]. Computer Engineering, 2019, 45(9): 95-99,118.
[13]	TAN Yuesheng,LU Liming,WANG Jingyu. Ciphertext Policy Encryption Scheme Based on Secure Three-party Computation [J]. Computer Engineering, 2019, 45(1): 115-120,128.
[14]	YANG Xiaodong,AN Faying,YANG Miaomiao,YANG Ping,WANG Caifen. Cloud Access Control Scheme Supporting Multi-authority Centers and Attribute Change [J]. Computer Engineering, 2018, 44(8): 1-6.
[15]	TAN Yuesheng,XING Chenshuo,WANG Jingyu. A Cloud Access Control Scheme Supporting Fine-grained Attribute Change [J]. Computer Engineering, 2018, 44(8): 7-13.

Please choose a citation manager

Content to export