Efficient Key-Aggregate Cryptosystem With User Revocation for Selective Group Data Sharing in Cloud Storage

Cloud computing has become prevalent due to its extensive storage resources and robust computational capacities. To protect data security and privacy, data owners opt for uploading encrypted data to the cloud. Flexible sharing of these encrypted data in a group of users is a critical functionality in cloud storage. In addition, given that users may exit the group, revocation becomes a crucial requirement in group data-sharing systems. The Key-Aggregate Cryptosystem (KAC) has become a promising mechanism for group data sharing. The decryption rights for any set of ciphertexts can be efficiently delegated by distributing a constant-size aggregate key, while the confidentiality of other ciphertexts outside the set is maintained. However, in previous KAC schemes, revocation remains a challenging task regarding key update, ciphertext re-encryption, and collision resistance. In this paper, we propose a Key-Aggregate Cryptosystem with User Revocation (KAC-UR) scheme to overcome this challenge. The KAC-UR scheme not only achieves flexible data sharing, but also can perform secure and efficient user revocation with properties including collision resistance, revocation without data owner-user communication, and constant ciphertext size. The KAC-UR scheme also enables the cloud server to perform partial decryption, thereby significantly alleviating the computational burden for users. The KAC-UR scheme is chosen plaintext attack secure under the decisional Bilinear Diffie-Hellman Exponent assumption.