Attribute-based encryption (ABE) is a prominent cryptographic tool for secure data sharing in the cloud because it can be used to enforce very expressive and fine-grained access control on outsourced data. The revocation in ABE remains a challenging problem as most of the revocation techniques available today, suffer from the collusion attack. The revocable ABE schemes which are collusion resistant require the aid of a semi-trusted manager to achieve revocation. More specifically, the semi-trusted manager needs to update the secret keys of nonrevoked users followed by a revocation. This introduces computation and communication overhead, and also increases the overall security vulnerability. In this work, we propose a revocable ABE scheme that is collusion resistant and does not require any semi-trusted entity. In our scheme, the secret keys of the nonrevoked users are never affected. Our decryption requires only an additional pairing operation compared to the baseline ABE scheme. We are able to achieve these at the cost of a little increase (compared to the baseline scheme) in the size of the secret key and the ciphertext. Theoretical performance analysis and experimental results show that our scheme outperforms the relatable existing schemes.


Computer Science

Research Center/Lab(s)

Intelligent Systems Center


This research is partially supported by a NSF grant 1449344.

Preprints and early-stage research may not have been peer reviewed yet.

Keywords and Phrases

Secure Cloud Data Sharing; Attribute Based Encryption; Revocation

Document Type

Article - Preprint

Document Version

Final Version

File Type




Publication Date

Mar 2020