Explore the vast range of titles available.

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology provides a new solution to address the security and fine-grained access control of traffic information in vehicular ad hoc networks (VANETs). However, in most CP-ABE schemes for VANETs, attribute revocation suffers from high system consumption and complex revocation operations, as well as from high computational overhead and low efficiency due to the use of bilinear pairwise operations. Based on this, this paper proposes a lightweight CP-ABE scheme that supports direct attribute revocation in VANETs. The scheme implements an agent-based direct attribute revocation mechanism by separating dynamic and static attributes of vehicle terminals, which reduces system consumption and simplifies the revocation operation process. The scheme uses scalar multiplication on elliptic curves instead of bilinear pairing operations and uses computational outsourcing techniques to reduce the terminal decryption cost and improve the efficiency of the scheme. The security and performance analysis shows that the overall efficiency of our scheme is better than the existing schemes under the premise of ensuring data confidentiality and integrity.

密文策略的基于属性的加密(Ciphertext-Policy Attribute-Based Encryption: CP-ABE)特别适合于云计算环境下的访问控制系统. 在大部分已有的CP-ABE方案中, 密文长度会随着访问策略的复杂性的增加而线性增大, 且属性撤销问题没有得到解决. 属性撤销机制是CP-ABE在实际应用中的一个基本要求, 与间接的属性撤销机制相比, 直接的属性撤销机制效率更高, 不存在由密钥更新所带来的性能瓶颈. 在已有的大部分支持属性撤销的CP-ABE方案中, 每次撤销事件的发生都要求对所有的密文进行更新. 提出了密文长度恒定且属性直接可撤销的CP-ABE方案. 在随机预言机模型中, 基于判定性m-BDHE假设, 证明了新方案的安全性, 这里m表示系统中用户总数的一个上界. 在新方案中, 通过引入适用于多属性值环境的撤销辅助判断函数, 判断当属性撤销事件发生时, 是否需要对一个密文进行更新. 所提出的方案支持具有多个属性值和通配符的AND策略. 性能分析和比较表明新方案适用于实际应用, 特别是用户属性变化频繁且带宽资源受限的场景.

Attribute-based encryption can be used to realize fine-grained data sharing in open networks. However, in practical applications, we have to address further challenging issues, such as attribute revocation and data search. How do data users search for the data they need in massive amounts of data? When users leave the system, they lose the right to decrypt the shared data. In this case, how do we ensure that revoked users cannot decrypt shared data? In this paper, we successfully address these issues by proposing a hidden policy attribute-based data sharing scheme with direct revocation and keyword search. In the proposed scheme, the direct revocation of attributes does not need to update the private key of non-revoked users during revocation. In addition, a keyword search is realized in our scheme, and the search time is constant with the increase in attributes. In particular, the policy is hidden in our scheme, and hence, users’ privacy is protected. Our security and performance analyses show that the proposed scheme can tackle the security and efficiency concerns in cloud computing.

The emerging cloud storage technology has significantly improved efficiency and productivity in the traditional electronic healthcare field. However, it has also brought about many security concerns. Ciphertext policy attribute-based encryption (CP-ABE) holds immense potential in achieving fine-grained access control, providing robust security for electronic healthcare data in the cloud. However, current CP-ABE schemes still face issues such as inflexible attribute revocation, relatively lower computational capabilities, and key management. To address these issues, this paper introduces a revocable and traceable undeniable ciphertext policy attribute-based encryption scheme (MA-RUABE). MA-RUABE not only enables fast and accurate data traceability, effectively preventing malicious user key leakage, but also includes a direct revocation feature, significantly enhancing computational efficiency. Furthermore, the introduction of a multi-permission mechanism resolves the issue of centralization of power caused by single-attribute permissions. Furthermore, a security analysis demonstrates that our system ensures resilience against chosen plaintext attacks. Experimental results demonstrate that MA-RUABE incurs lower computational overhead, effectively enhancing system performance and ensuring data-sharing security in cloud-based electronic healthcare systems.

The cloud service cannot only achieve data sharing but also protect data confidence against unauthorized users. User revocation is the most difficulty in cloud which revocation of any single user would affect others who share common attribute space. In this paper, we apply Broadcast Ciphertext-Policy Attribute Based Encryption (CP-ABE) and attribute segmentation to deal with this problem, and perform concrete construction to achieve scalable user revocation in further step. Broadcast CP-ABE is a direct revocation architecture, fine-grained revocation can be done without affecting any non-revoked users. Attribute segmentation decides whether to instantaneously revoke user authorization according to attribute subset. Our contributions are summarized as: Firstly, we resolve this problem by considering cloud service application scenarios in which dishonest cloud service is available. Secondly, our scheme is the owner can directly revoke multiple users, user mediator may revoke single user with its attribute subset which the system needn't periodically update private key. Thirdly, colluders cannot decrypt the private content. We attain this by integrating Broadcast CP-ABE with the technique of attribute segmentation, and redefine under the decisional bilinear Diffie-Hellman (DBDH) assumption. At last, our scheme is provably secure against adaptive chosen-ciphertext attack. In addition, we show our scheme can also be applicable to the PHR service.