TY - JOUR
T1 - Large-Universe Attribute-Based Encryption with Public Traceability for Cloud Storage
AU - Zhang, Zhiting
AU - Zeng, Peng
AU - Pan, Bofeng
AU - Choo, Kim Kwang Raymond
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2020/10
Y1 - 2020/10
N2 - Attribute-based encryption (ABE) can be utilized to achieve both data security and fine-grained access control in a cloud computing environment. However, we need to consider the risks of key abuse and key escrow in such a setting. Specifically, the former risk category includes the illegal sharing of user's keys (i.e., user key abuse) and illegal key distribution by an authority (i.e., authority key abuse), and the latter includes the scenario where some ciphertext is decrypted by the authority without the user's approval. Hence, in this article, we seek to address both key abuse and key escrow concerns when deploying ABE in a cloud computing environment. In our construction, two authorities [i.e., a key generation center (KGC) and an attribute authority (AA)] participate in the generation of the user's secret key. Both KGC and AA will not know the full decryption key or have the capability to forge one. As a result, neither KGC nor AA can illegally distribute the user's private key to unauthorized users or decrypt user's ciphertexts without the user's approval. In addition, in our scheme, any private keys modified by malicious users cannot be successfully used for decryption. In the event that some user illegally shares his/her original private key, the scheme has in place a mechanism to trace the abused private key (since the user's identity information is embedded in the private key). Hence, our scheme supports public traceability, key abuse, and key escrow. In addition, our scheme is based on prime order bilinear groups, and is shown to be selectively secure in the standard model.
KW - Accountability
KW - attribution-based encryption
KW - cloud storage
KW - key abuse
KW - key escrow
KW - large universe
KW - public traceability
KW - selectively security
UR - https://www.scopus.com/pages/publications/85092699324
U2 - 10.1109/JIOT.2020.2986303
DO - 10.1109/JIOT.2020.2986303
M3 - Article
AN - SCOPUS:85092699324
SN - 2327-4662
VL - 7
SP - 10314
EP - 10323
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 10
M1 - 9060878
ER -