A Traceable and Revocable Multiauthority Attribute-Based Encryption Scheme with Fast Access

Abstract

Multiauthority ciphertext-policy attribute-based encryption (MA-CP-ABE) is a promising technique for secure data sharing in cloud storage. As multiple users with same attributes have same decryption privilege in MA-CP-ABE, the identity of the decryption key owner cannot be accurately traced by the exposed decryption key. This will lead to the key abuse problem, for example, the malicious users may sell their decryption keys to others. In this paper, we first present a traceable MA-CP-ABE scheme supporting fast access and malicious users' accountability. Then, we prove that the proposed scheme is adaptively secure under the symmetric external Diffie-Hellman assumption and fully traceable under the q-Strong Diffie-Hellman assumption. Finally, we design a traceable and revocable MA-CP-ABE system for secure and efficient cloud storage from the proposed scheme. When a malicious user leaks his decryption key, our proposed system can not only confirm his identity but also revoke his decryption privilege. Extensive efficiency analysis results indicate that our system requires only constant number of pairing operations for ciphertext data access.