Ciphertext-policy attribute-based encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage systems. It gives data owners direct and flexible control over access policies. However, practical concerns remain in CP-ABE applications, for example, the key escrow problem, user revocability, and large ciphertext size. Considering these problems, we propose in this paper a multi-authority attribute-based encryption scheme with constant-size ciphertexts and user revocation for threshold access policies. The security proof shows that the proposed scheme is selectively secure under the augmented multi-sequence of exponents decisional Diffie-Hellman assumption, and that it also achieves forward security, backward security, and collusion resistance.
KEYWORDS
ciphertext-policy attribute-based encryption, multi-authority attribute-based encryption, threshold access policy, user revocation
INTRODUCTION
Attribute-based encryption (ABE) is considered a good way to share information securely in cloud systems. ABE was first proposed by Sahai and Waters [1] in 2005. The idea was then further extended, and key-policy attribute-based encryption (KP-ABE) was formally proposed by Goyal et al. [2]. In 2007, ciphertext-policy attribute-based encryption was first proposed by Bethencourt et al. [3]. ABE schemes are used to share information securely [4] and to support fine-grained access control [5,6]. ABE has many applications in social networks and wireless communications [7-11]. ABE can also be applied to PHR sharing in cloud computing [12] and to some data searching systems [13,14]. Other ABE schemes address different aspects. Li et al. [15] proposed a new secure outsourced ABE system, which supports both secure outsourced key-issuing and decryption. Li et al. [16] proposed an efficient ABS with multiple authorities that can be proved to have strong signer privacy and unforgeability.
In ciphertext-policy attribute-based encryption, ciphertexts are associated with policies, and users' keys are associated with sets of descriptive attributes (the reverse of key-policy attribute-based encryption). CP-ABE [17-21] is regarded as one of the most suitable technologies for data access control in cloud storage systems. However, practical problems remain when ciphertext-policy attribute-based encryption is used in cloud systems, such as the key escrow problem, user revocability, and large ciphertext size.
In ABE with a single authority, the assumed-trusted authority holds each user's attribute keys and has the power to decrypt every ciphertext, which is known as the key escrow problem [22]. Multi-authority attribute-based encryption (MA-ABE) is an effective way to solve the key escrow problem. In MA-ABE, many different authorities operate simultaneously, each handing out secret keys for a different set of attributes, so that none of the authorities can recover the encrypted message by itself.
In 2007, multi-authority attribute-based encryption was first proposed by Chase [23]. Since then, many multi-authority attribute-b...