TSR-ABE: Traceable and Server-Aided Revocable Ciphertext-Policy Attribute-Based Encryption Under Static Assumptions

Abstract

The cloud server is a versatile platform for data storage, with users increasingly uploading personal data to public servers to circumvent costly local storage. However, the server is not entirely honest, as it may potentially compromise user data privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a highly flexible cryptographic technique for ensuring access control over encrypted data in cloud storage applications. To prevent unauthorized access, traceability and revocability are two necessary requirements for CP-ABE system. Nevertheless, existing white-box traceable and revocable CP-ABE schemes suffer from several imitations: 1) Whether direct revocation or indirect revocation is applied, neither type of the revocation mode is well compatible with the trace function. 2) Moreover, all of the previous white-box traceable CP-ABE schemes rely on non-static assumptions to prove traceability. Ideally, a scheme provably secure under static complexity assumptions is preferable. To deal with these issues, we propose a novel traceable and server-aided revocable CP-ABE (TSR-ABE) scheme based on static assumptions. Specifically, our revocation mode works well with the trace function, and we prove the adaptive chosen-plaintext attack security and traceability of our scheme via the well-known dual system encryption methodology. Compared with many previous traceable CP-ABE schemes, regardless of whether they support revocation or not, we remove the need to introduce an additional l-SDH assumption to prove the traceability of the scheme. In addition, our scheme is more practical due to its lower private key size, lower decryption costs and lower tracing costs. As a result, we strengthen current research from the perspective of both security and efficiency.