Cryptology ePrint Archive: Report 2017/1100

IR-CP-ABE: Identity Revocable Ciphertext-Policy Attribute-Based Encryption for Flexible Secure Group-Based Communication

Weijia Wang and Zhijie Wang and Bing Li and Qiuxiang Dong and Dijiang Huang

Abstract: Ciphertext-Policy Attribute-Based Encryp- tion (CP-ABE) is an access control mechanism over encrypted data and well suited for secure group-based communication. However, it also suffers from the fol- lowing problem, i.e., it is impossible to build all de- sired groups. For example, if two group members have exactly the same attributes, how to construct a group including only one of the two members? Obviously, at- tributes alone cannot distinguish these two members, therefore existing CP-ABE solutions do not work. To address this issue, in this paper, we present a new CP-ABE scheme (called IR-CP-ABE) that incorporates an Identity-based Revocation capability. With IR-CP-ABE, an access policy will be constructed by not only group members’ attributes but also their identities. To build a group, first, build a candidate group based on all de- sired group members’ attributes; second, remove unde- sired members by revoking their identities. By evaluat- ing the security and efficiency of a proposed construc- tion, we show that the IR-CP-ABE scheme is secure and efficient for practical applications.

Category / Keywords: public-key cryptography / Group-based Secure Communication; Ciphertext-Policy Attribute-Based Encryption; ID Revocation; Security; Efficiency

Date: received 6 Nov 2017, last revised 28 Nov 2017

Contact author: qiuxiang dong at asu edu

Available format(s): PDF | BibTeX Citation

Version: 20171129:041606 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]