A Flexible KP-ABE Suit for Mobile User Realizing Decryption Outsourcing and Attribute Revocation


Attribute based encryption is an effective method which can solve the access control problem of cloud storage. Realizing both efficient attributes revocation and outsourcing decryption would enhance mobile user experience. In this paper, we present a new scheme of Key-Policy Attribute Based Encryption in hybrid cloud system. In our scheme, the most of computation in the decryption process can be outsourced to the cloud and the efficiency of system is improved. In addition, the attributes of malicious users or expired ones can be revoked with unrelated users offline. Moreover system consumes a little resources rather than rebuilds the system or updates all data immediately. We also give a proof of security, a detailed description of execution and efficiency analysis.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5


  1. 1.

    Beimel, A. (1996). Secure schemes for secret sharing and key distribution. Doctoral dissertation, Technion-Israel Institute of Technology, Faculty of Computer Science.

  2. 2.

    Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and privacy (SP'07) (pp. 321–334). IEEE.

  3. 3.

    Boneh, D., & Franklin, M. (2001, August). Identity-based encryption from the Weil pairing. In Annual international cryptology conference (pp. 213–229). Berlin, Heidelberg: Springer.

  4. 4.

    Green, M., Hohenberger, S., & Waters, B. (2011, August). Outsourcing the decryption of abe ciphertexts. In USENIX security symposium (Vol. 2011, No. 3).  

  5. 5.

    Hur, J., & Noh, D. K. (2011). Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Transactions on Parallel and Distributed Systems, 22(7), 1214–1221.

    Article  Google Scholar 

  6. 6.

    Lai, J., Deng, R. H., Guan, C., & Weng, J. (2013). Attribute-based encryption with verifiable outsourced decryption. IEEE Transactions on Information Forensics and Security, 8(8), 1343–1354.

    Article  Google Scholar 

  7. 7.

    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., & Waters, B. (2010, May). Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques  (pp. 62–91). Berlin, Heidelberg: Springer.

  8. 8.

    Liang, X., Lu, R., Lin, X., & Shen, X. S. (2010). Ciphertext policy attribute based encryption with efficient revocation. Technical Report, University of Waterloo.

  9. 9.

    Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 24(1), 131–143.

    Article  Google Scholar 

  10. 10.

    Pirretti, M., Traynor, P., McDaniel, P., & Waters, B. (2010). Secure attribute-based systems. Journal of Computer Security, 18(5), 799–837.

    Article  Google Scholar 

  11. 11.

    Rouselakis, Y., & Waters, B. (2012). New constructions and proof methods for large universe attribute-based encryption. IACR Cryptology ePrint Archive, 2012, 583.

    Google Scholar 

  12. 12.

    Shoup, V. (1997, May). Lower bounds for discrete logarithms and related problems. In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 256–266). Berlin, Heidelberg: Springer.

  13. 13.

    Sahai, A., & Waters, B. (2005, May). Fuzzy identity-based encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 457-473). Berlin, Heidelberg: Springer.

  14. 14.

    Singhal, M., Chandrasekhar, S., Ge, T., Sandhu, R., Krishnan, R., Ahn, G. J., et al. (2013). Collaboration in multicloud computing environments: Framework and security issues. Computer, 2, 76–84.

    Article  Google Scholar 

  15. 15.

    Waters, B. (2011, March). Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In International Workshop on Public Key Cryptography (pp. 53–70). Berlin, Heidelberg: Springer.

  16. 16.

    Yang, K., & Jia, X. (2012, June). Attributed-based access control for multi-authority systems in cloud storage. In 2012 IEEE 32nd International Conference on Distributed Computing Systems (pp. 536–545). IEEE.

  17. 17.

    Yang, K., Jia, X., Ren, K., Zhang, B., & Xie, R. (2013). DAC-MACS: Effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security, 8(11), 1790–1801.

    Article  Google Scholar 

  18. 18.

    Yu, S., Wang, C., Ren, K., & Lou, W. (2010, April). Attribute based data sharing with attribute revocation. In Proceedings of the 5th ACM symposium on information, computer and communications security (pp. 261–270).

Download references


This work is supported by NSFC (Grant no. 61502044).

Author information



Corresponding author

Correspondence to Shuo Zhang.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Zhang, S., Li, W., Wen, Q. et al. A Flexible KP-ABE Suit for Mobile User Realizing Decryption Outsourcing and Attribute Revocation. Wireless Pers Commun (2020). https://doi.org/10.1007/s11277-020-07503-y

Download citation


  • Attribute-based encryption
  • Decryption outsourcing
  • Attribute revocation