A Revocable and Fair Outsourcing Attribute-Based Access Control Scheme in Metaverse.

Amidst the rapid advancements in metaverse and consumer electronics technology, individuals now have the opportunity to engage in immersive interactive experiences. However, the intimate connection between user data within the metaverse and their real-world identities necessitates the implementation of methods to safeguard the security of user data. Cryptography emerges as a prevalent tool for ensuring data security and consistency. Nevertheless, the inherent features of the metaverse, such as decentralization, pose challenges, rendering many access control strategies either inapplicable or ineffective. This paper proposes a privacy-aware and revocable CP-ABE scheme with fair outsourcing decryption (PRE-CPABE) based on blockchain. The scheme provides fine-grained access control capabilities without requiring a completely trusted central entity. Furthermore, we implement access control policy hiding to shield user privacy. We also consider fairness to both the user and the outsourced service provider. Through rigorous security analysis and performance comparisons, we demonstrate the efficacy of our scheme, showcasing its excellence in both security and efficiency.