TY - GEN
T1 - Time-based direct revocable ciphertext-policy attribute-based encryption with short revocation list
AU - Liu, Joseph K.
AU - Yuen, Tsz Hon
AU - Zhang, Peng
AU - Liang, Kaitai
PY - 2018
Y1 - 2018
AB - In this paper, we propose an efficient revocable Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme. We build on the direct revocation approach, embedding the revocation list into the ciphertext. However, since the revocation list grows longer as time goes by, we further propose a secret key time validation technique so that users' keys expire on a given date and the revocation list only needs to include those user keys revoked before their intended expiry date (e.g. user keys that have been stolen before expiry). These keys can be removed from the revocation list after their expiry date in order to keep the revocation list short, as they can no longer be used to decrypt ciphertext generated after their expiry time. This technique is derived from the Hierarchical Identity-Based Encryption (HIBE) mechanism, and thus time periods have a hierarchical structure: year, month, day. Users with validity for a whole year can decrypt any ciphertext associated with a time period of any month or any day within that year. By using this technique, the size of the public parameters and the user secret key can be greatly reduced. A bonus advantage of this technique is support for discontinuous user validity (e.g. taking unpaid leave).
UR - http://www.scopus.com/inward/record.url?scp=85049086517&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-93387-0_27
DO - 10.1007/978-3-319-93387-0_27
M3 - Conference contribution
AN - SCOPUS:85049086517
SN - 9783319933863
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 516
EP - 534
BT - Applied Cryptography and Network Security - 16th International Conference, ACNS 2018, Proceedings
A2 - Preneel, Bart
A2 - Vercauteren, Frederik
PB - Springer
T2 - 16th International Conference on Applied Cryptography and Network Security, ACNS 2018
Y2 - 2 July 2018 through 4 July 2018
ER -