New model and construction of ABE: Achieving key resilient-leakage and attribute direct-revocation

Abstract

Attribute-Based Encryption allows for implementing fine-grained decentralized access control based on properties or attributes a user has, which has drawn attention for realizing decentralized access control in large and dynamic networks such as Mesh network, Internet of Things and cloud computing. However, in open networks, the attacker can blow the concrete implementation of cryptosystems, and then gain the internal secret states such as pseudo-random number, internal result and secret key to break the system. In this work, we first model a fine-grained attribute revocable (ciphertext-policy) attribute-based encryption in the presence of key leakage, and then give a concrete construction with security and resilient-leakage performance analysis. Our scheme is the first designing enjoying at the same time the following properties: (i) Support attribute direct revocation that does not affect any other user's secret key. (ii) Tolerate the key of matching the challenge ciphertext to be partially revealed. (iii) Provide a key update mechanism to support continual leakage tolerance. © 2014 Springer International Publishing Switzerland.