Efficient revocable ID‐based encryption with cloud revocation server |
| |
Authors: | Xiaoying Jia Neeraj Kumar Kim‐Kwang Raymond Choo Debiao He |
| |
Affiliation: | 1. School of Mathematics and Statistics, South‐Central University for Nationalities, Wuhan, China;2. Department of Computer Science and Engineering, Thapar University, Patiala, Punjab, India;3. Department of Information Systems and Cyber Security, The University of Texas at San Antonio, San Antonio, USA;4. State Key Lab of Software Engineering, Computer School, Wuhan University, Wuhan, China;5. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Gulin, China |
| |
Abstract: | The capability to efficiently revoke compromised/misbehaving users is important in identity‐based encryption (IBE) applications, as it is not a matter of if but of when that one or more users are compromised. Existing solutions generally require a trusted third party to update the private keys of nonrevoked users periodically, which impact on scalability and result in high computation and communication overheads at the key generation center. Li et al proposed a revocable IBE scheme, which outsources most of the computation and communication overheads to a Key Update Cloud Service Provider (KU‐CSP). However, their scheme is lack of scalability since the KU‐CSP must maintain a secret value for each user. Tseng et al proposed another revocable IBE scheme with a cloud revocation authority, seeking to provide scalability and improve both performance and security level. In this paper, we present a new revocable IBE scheme with a cloud revocation server (CRS). The CRS holds only one secret time update key for all users, which provides the capability to scale our scheme. We demonstrate that our scheme is secure against adaptive‐ID and chosen ciphertext attacks under the k‐CAA assumption and outperforms both schemes mentioned above, in terms of having lower computation and communication overheads. |
| |
Keywords: | cloud computing identity‐based encryption outsourcing revocation |
|
|