An Effective Scheme for Revocation of User Attributes for Data Outsourcing in Cloud Storage

This chapter proposes a novel and fast scheme based on CP-ABE algorithm from the respect of the user’s attribute revocation to make it faster. With the advances of cloud data centers and cloud service, many application scenarios are developed such as enterprise business, the Vehicular Ad Hoc Networks (VANET), Sensor network. VANET is a particular case of wireless multihop network, which has the constraint of fast topology changes due to the high node mobility. Two major issues are efficiency and confidentiality. One of the fine-grained access control cryptography technologies, CP-ABE, is frequently used in cloud storage for outsourced data to safeguard user privacy. Furthermore, in addition to anonymity, computational cost is a key component that enables the use of CPABE in the circumstancesIn this scheme, we construct an identical tree T2 that has the same structure as the actual access control tree T1. Upon receiving a request from the user for the encrypted text to be preserved on CSP, CSP attempts to decrypt CT2, which is encrypted using the subset of secret keys that correspond to the user-provided attribute indexes and is also preserved on CSP based on the same tree T2. CSP will send CT1 to the user if they are able to decrypt it successfully, as this verifies their authorization to access the cryptographic text. In the event that CT1 is not sent to the user, CSP acknowledges that the user does not have access to it. Namely, we can decide if we authorize the right to access CT1 by judging if the secret key provided by the user can decrypt CT2. Because CT1 and CT2 have the same access control structure, they have the same secret key for decryption; that is, when some attributes are revoked, if the secret key cannot decrypt CT2, it cannot decrypt CT1. While CSP can directly decrypt CT2, but not CT1, CSP can judge if the user has access to CT1 after the attribute revocation by decryption of CT2. Moreover, we propose the construction method of CT1 and CT2. Finally, we prove that the scheme is secure and viable. Our scheme realizes the attribute revocation and does not add too much computation overload on the system.