A Traceable and Revocable Ciphertext-Policy Attribute-based Encryption Scheme Based on Privacy Protection

Considered as a promising fine-grained access control mechanism for data sharing without a centralized trusted third-party, the access policy in a plaintext form may reveal sensitive information in the traditional CP-ABE method. To address this issue, a hidden policy needs to be applied to the CP-ABE scheme, as the identity of a user cannot be accurately confirmed when the decryption key is leaked, so the malicious user is traced and revoked as demanded. In this article, a CP-ABE scheme that realizes revocation, white-box traceability, and the application of hidden policy is proposed, and such ciphertext is composed of two parts. One is related to the access policy encrypted by the attribute value, and only the attribute name is evident in the access policy. Another is related to the revocation information and updated when revoking, where the revocation information is generated by the binary tree related to users. The leaf node value of a binary tree in the decryption key is used to trace the malicious user. From experimental results, it is shown that the proposed scheme is proven to be IND-CPA secure under the chosen plaintext attacks and selective access policy based on the decisional q-BDHE assumption in the standard model, efficient, and promising.

Automated summary

The proposed CP-ABE scheme in this article achieves revocation, white-box traceability, and the application of hidden policy. The ciphertext is composed of two parts: the access policy encrypted by attribute value and the revocation information related to a binary tree. The scheme is proven to be IND-CPA secure, efficient, and promising in the standard model.