Attribute Revocable Multi-Authority Attribute-Based Encryption with Forward Secrecy for Cloud Storage

Kenta NOMURA  Masami MOHRI  Yoshiaki SHIRAISHI  Masakatu MORII  

IEICE TRANSACTIONS on Information and Systems   Vol.E100-D   No.10   pp.2420-2431
Publication Date: 2017/10/01
Publicized: 2017/07/21
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2016OFP0004
Type of Manuscript: Special Section PAPER (Special Section on Advanced Log Processing and Office Information Systems)
Keyword: ciphertext-policy attribute-based encryption, multiple key authorities, attribute revocation, forward secrecy


The Internet of Things (IoT) has been widely applied in various fields. IoT data can also be stored in the cloud, but there are still concerns regarding security and privacy. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has attracted attention in cloud storage as a suitable encryption scheme for sharing and transmitting confidential data. In CP-ABE, the secret key of a user is associated with a set of attributes; when the attributes satisfy the access structure, the ciphertext can be decrypted. It is necessary that multiple authorities issue and manage secret keys independently. In CP-ABE, the authorities that generate the secret key can be regarded as managing the attributes of a user. CP-ABE schemes that have multiple authorities have been proposed. On the other hand, a scheme should require no user operation at the terminal when a user drops an attribute and the key is updated, and the design of the communication system should be simple. In this paper, we propose a CP-ABE scheme that has multiple key authorities and can revoke an attribute immediately without updating the user's secret key for attribute revocation. In addition, the length of the ciphertext is fixed. The proposed scheme is IND-CPA secure under the DBDH assumption in the standard model. We compare the proposed scheme with other CP-ABE schemes and show that the proposed scheme is more suitable for cloud storage.