Attribute-Based Encryption Optimized for Cloud Computing
- Matus Horvath
- IACR Cryptology ePrint Archive
In this work, we design a method for efficient revocation within Ciphertext-Policy Attribute-Based Encryption scheme. Our main technical innovation is based on linear secret sharing and binary tree techniques, every user in system is assigned with both a set of attributes and a unique identifier. Any user can also be efficiently revoked by using this identifier. Furthermore, this technique resulted in two key contributions: the size of the cryptographic key material is smaller and encryption/decryption cannot be affected with an unbounded number of revoked users. Then, the scheme is proved to be secure under the q-MEBDH assumption in the standard model. The efficiency is also optimized that the size of user’s private key has only a constant increase. The revocation information is embedded in the ciphertext so that the fine-grained access control is more flexible.