View article

As a one-to-many public key encryption system, attribute-based encryption (ABE) enables scalable access control over encrypted data in cloud storage services. However, efficient user revocation has been a very challenging problem in ABE. To address this issue, Boldyreva, Goyal and Kumar [5] introduced a revocation method by combining the binary tree data structure with fuzzy identity-based encryption, in which a key generation center (KGC) periodically broadcasts key update information to all data users over a public channel. The Boldyreva-Goyal-Kumar approach reduces the size of key updates from linear to logarithm in the number of users, and it has been widely used in subsequent revocable ABE systems; however, it requires each data user to keep a private key of logarithmic size and all non-revoked data users to periodically update decryption keys for each new time period. To further …