Fully Secure Revocable Attribute-Based Encryption  被引量：3

作　　者：钱俊磊 董晓蕾 

机构地区：[1]Department of Computer Science&Engineering,Shanghai Jiaotong University

出　　处：《Journal of Shanghai Jiaotong university(Science)》2011年第4期490-496,共7页上海交通大学学报（英文版）

基　　金：the National Natural Science Foundation of China(No.60972034)

摘　　要：Distributed information systems require complex access control which depends upon attributes of protected data and access policies.Traditionally,to enforce the access control,a file server is used to store all data and act as a reference to check the user.Apparently,the drawback of this system is that the security is based on the file server and the data are stored in plaintext.Attribute-based encryption(ABE) is introduced first by Sahai and Waters and can enable an access control mechanism over encrypted data by specifying the users’ attributes. According to this mechanism,even though the file server is compromised,we can still keep the security of the data. Besides the access control,user may be deprived of the ability in some situation,for example paying TV.More previous ABE constructions are proven secure in the selective model of security that attacker must announce the target he intends to attack before seeing the public parameters.And few of previous ABE constructions realize revocation of the users’ key.This paper presents an ABE scheme that supports revocation and has full security in adaptive model.We adapt the dual system encryption technique recently introduced by Waters to ABE to realize full security.Distributed information systems require complex access control which depends upon attributes of protected data and access policies. Traditionally, to enforce the access control, a file server is used to store all data and act as a reference to check the user. Apparently, the drawback of this system is that the security is based on the file server and the data are stored in plaintext. Attribute-based encryption （ABE） is introduced first by Sahai and Waters and can enable an access control mechanism over encrypted data by specifying the users＇ attributes. According to this mechanism, even though the file server is compromised, we can still keep the security of the data. Besides the access control, user may be deprived of the ability in some situation, for example paying TV. More previous ABE constructions are proven secure in the selective model of security that attacker must announce the target he intends to attack before seeing the public parameters. And few of previous ABE constructions realize revocation of the users＇ key. This paper presents an ABE scheme that supports revocation and has full security in adaptive model. We adapt the dual system encryption technique recently introduced by Waters to ABE to realize full security.

关 键 词：attribute-based encryption(ABE) dual encryption REVOCATION 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]