In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user may have multiple attributes, and each attribute may be shared simultaneously by many users. The decryption key of an attribute can thus be shared by many users who all possess the attribute. For monetary gain, a malicious authorized user may reveal his/her decryption key to a third party, and it is difficult to trace the owner of primitive secret key from an exposed key. At the same time, this situation may also limit commercial applications of CP-ABE systems. To solve these problems and enable fine-grained access control for the encrypted data, we propose a traceable CP-ABE scheme with attribute-level user revocation for cloud storage (TUR-CPABE). Our scheme enjoys four advantages. First, it has the ability to trace malicious users who have leaked key information from the system. Second, it supports attribute-level user revocation for malicious users and allows ABE fine-grained access control. Third, it allows secret key updates and ciphertext updates to resist collusion attacks between users. Fourth, outsourcing encryption, decryption and attribute revocation are used to reduce the computational burden on data owners, data users and the trust authority, respectively. In addition, our scheme has been proven to be secure against chosen plaintext attacks under a selective access policy based on decisional q – BDHE assumption in the standard model.
Now more and more data are being outsourced to cloud services. In order to ensure data security and privacy, data are usually stored on the cloud server in the form of ciphertext. When a user requests access to the encrypted data, an access key distributed by a third party is needed. However, if the third party is dishonest, the security of the system will be threatened. Faced with this problem, in this paper, we propose a new secure cloud storage framework with access control by using the Ethereum blockchain technology. Our new scheme is a combination of Ethereum blockchain and ciphertext-policy attribute-based encryption (CP-ABE). The proposed cloud storage framework is decentralized, that is, there is no trusted third party in the system. Our scheme has three main features. First, as the Ethereum blockchain technology is used, the data owner can store ciphertext of data through smart contracts in a blockchain network. Second, the data owner can set valid access periods for data usage so that the ciphertext can only be decrypted during valid access periods. Finally, as the creation and invocation of each smart contract can be stored in the blockchain, thus, the function of the trace is achieved. The analysis of the security and experiment shows that our scheme is feasible.INDEX TERMS Cloud storage, access control, Ethereum, blockchain, smart contract.
Attribute based encryption (ABE) is a good way to achieve flexible and secure access control to data, and attribute revocation is the extension of the attribute-based encryption, and the keyword search is an indispensable part for cloud storage. The combination of both has an important application in the cloud storage. In this paper, we construct a searchable attribute-based encryption scheme with attribute revocation in cloud storage, the keyword search in our scheme is attribute based with access control, when the search succeeds, the cloud server returns the corresponding cipher text to user and the user can decrypt the cipher text definitely. Besides, our scheme supports multiple keywords search, which makes the scheme more practical. Under the assumption of decisional bilinear Diffie-Hellman exponent (q-BDHE) and decisional Diffie-Hellman (DDH) in the selective security model, we prove that our scheme is secure.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.