You Are Revoked and Out: Towards Directly Revocable Ciphertext-Policy Attribute-Based Encryption

Ciphertext-policy attributed-based encryption (CP-ABE) is considered as a promising cryptographic primitive to enable fine-grained access control over encrypted data. Throughout the life circle of the data encrypted with CP-ABE, every single data user might opt out or be identified to be malicious and hence should be revoked to keep continuous access control over sensitive data. In this study, we propose a directly revocable CP-ABE with backward and forward secrecy, which means that a revoked user cannot successfully decrypt ciphertexts after sufficient revocation while valid users will not be disturbed. Combined with an effective proxy mechanism, the proposed scheme delegates complete workloads of re-encryption and ciphertext updating to a semi-trusted third party (e.g., a cloud service provider). In addition, even collusion among users is useless in our construction, which is not well addressed in previous works. The security analysis indicates that the presented CP-ABE is selectively secure against chosen-plaintext attacks in the standard model, and the performance analysis demonstrates that our proposal is practical compared with existing schemes.