Ciphertext Outdate Attacks on the Revocable Attribute-Based Encryption Scheme With Time Encodings

Kwangsu Lee

doi:10.1109/ACCESS.2019.2953300

IEEE Access (Jan 2019)

Ciphertext Outdate Attacks on the Revocable Attribute-Based Encryption Scheme With Time Encodings

Kwangsu Lee

Affiliations

Kwangsu Lee: ORCiD; Department of Computer and Information Security, Sejong University, Seoul, South Korea

DOI: https://doi.org/10.1109/ACCESS.2019.2953300
Journal volume & issue: Vol. 7
pp. 165122 – 165126

Abstract

Read online

Cloud storage is a new computing paradigm that allows users to store their data in the cloud and access them anytime anywhere through the Internet. To address the various security issues that may arise in the cloud storage accessed by a large number of users, cryptographic encryption should be considered. Currently, researches on revocable attribute-based encryption (RABE) systems, which provide user revocation function and ciphertext update function by extending attribute-based encryption (ABE) systems that provide access control to ciphertexts, are actively being studied. Recently, Xu et al. proposed a new RABE scheme that combines ABE and identity-based encryption (IBE) schemes to efficiently handle ciphertext update and user revocation functionality. In this paper, we show that there is a serious security problem in Xu et al.'s RABE scheme such that a cloud server can obtain the plaintext information of stored ciphertexts by gathering invalidated credentials of revoked users. Additionally, we also show that the RABE scheme of Xu et al. can be secure in a weaker security model where the cloud server cannot obtain any invalidated credentials of revoked users.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords