IET Information Security (Jan 2024)
Lattice-Based CP-ABE Access Control for SDS Constraint with Lazy Assignment of Attributes and Attribute Revocation
Abstract
Ciphertext-policy attribute-based encryption (CP-ABE) is a cryptographic scheme suitable for secure data sharing on cloud storage. The CP-ABE based on lattice theory has the property of resisting quantum attack. Some data objects uploaded to the cloud by the same data owner may cause conflicts of interest, or their combination may expose sensitive information. This paper proposes a revocable CP-ABE scheme on the lattice, based on ring learning with error (R-LWE) problem, to enforce access control constraints on user access to such data objects. In this scheme, first, the access policies of such data objects are amended by adding dummy attributes. Second, we control the secret key components associated with the dummy attributes or revoke the dummy attributes to prevent users from continuously accessing specific parts or all data objects from this kind of data set. Finally, we carry on the efficiency and security analysis of the scheme. The analysis results show that the scheme is efficient and safe.
