Revocable Attribute-based Encryption with Escrow-free in Cloud Storage

Attribute-Based Encryption (ABE) scheme is widely used in cloud storage, which can achieve fine-grained access control. However, the original attribute-based encryption schemes have key escrow and attribute revocation problems. To solve these problems, this paper proposes a ciphertext-based ABE scheme. In the scheme, the key escrow problem could be solved by escrow-free key issuing protocol, which is constructed using the secure two-party computation between the attribute authority and the central controller. By updating the attribute version key, the scheme can achieve attribute-level user revocation. And by central controller, the scheme can achieve system-level user revocation. In order to reduce the user's computational burden of decryption, this scheme outsources the complicated pair operation to cloud service providers. Based on the assumption of q-Parallel BDHE, the scheme is proved that is the security of the chosen plaintext attack in the random oracle model. Finally, the efficiency and function of this scheme are analyzed theoretically and experimentally. The experimental results show that the proposed scheme does not have key escrow problem and has the higher system efficiency.