Abstract
In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, a user may have multiple attributes, and each attribute may be shared simultaneously by many users. The decryption key of an attribute can thus be shared by many users who all possess the attribute. For monetary gain, a malicious authorized user may reveal his/her decryption key to a third party, and it is difficult to trace the owner of primitive secret key from an exposed key. At the same time, this situation may also limit commercial applications of CP-ABE systems. To solve these problems and enable fine-grained access control for the encrypted data, we propose a traceable CP-ABE scheme with attribute-level user revocation for cloud storage (TUR-CPABE). Our scheme enjoys four advantages. First, it has the ability to trace malicious users who have leaked key information from the system. Second, it supports attribute-level user revocation for malicious users and allows ABE fine-grained access control. Third, it allows secret key updates and ciphertext updates to resist collusion attacks between users. Fourth, outsourcing encryption, decryption and attribute revocation are used to reduce the computational burden on data owners, data users and the trust authority, respectively. In addition, our scheme has been proven to be secure against chosen plaintext attacks under a selective access policy based on decisional q - BDHE assumption in the standard model.