A Partially Hidden Policy Attribute-based Encryption Supporting Outsourced Authentication and Attribute Revocation

Kai Fan,Lingwei Du,Wenhao Li,Yuhan Bai,Yintang Yang,Kan Yang,Hui Li
DOI: https://doi.org/10.21203/rs.3.rs-2261463/v1
2022-01-01
Abstract:Abstract Ciphertext-Policy Attribute-based Encryption (CP-ABE) has been used as an important access control approach to protect the data security. The data owner uploads the access policy in the form of plaintext to the cloud, potentially disclosing personal information about the data owner. Hidden-Policy CP-ABE schemes have been proposed to partially hide the policy or fully hide the policy. However, such schemes may incur high overhead on identity authentication and user revocation. In this paper, we propose a new partially hidden policy CP-ABE (OAAR-PHP-ABE) to address the low authentication efficiency and lack of support for attribute revocation of existing PHP-CP-ABE schemes. We give the cloud server a portion of the calculation of the encryption parameters to complete during the encryption step. The final ciphertext is encrypted by data owners using the outsourced encrypted ciphertext, which reduces the data owner's computational workload. In the decryption phase, we divide the user's key into two parts: the outsourced decryption key and the user's secret key. The cloud use outsourced decryption keys to help users complete user authentication and partial decryption. Users just need to conduct an exponentiation operation to recover the plaintext after receiving the outsourced decrypted ciphertext, which can significantly reduce users' computational overhead. In addition, a dynamic revocation algorithm for users and attributes in the system is also designed.
What problem does this paper attempt to address?