Revocation is one of the major problems for access control systems. Especially, the revocation cost for the data outsourced in the third party environment such as cloud storage systems. The revocation in the cloud-based access control typically deals with the cryptographic operations that introduce costly overheads for key re-generation, file re-encryption, and key re-distribution. Also, the communication for retrieving files for re-encryption and loading them back to the cloud is another non-trivial cost for data owners. In this paper, we propose a Very Lightweight Proxy Re-Encryption (VL-PRE) scheme to efficiently support attribute-based revocation and policy update in the collaborative data sharing in cloud computing environment. To this end, we propose three-phase VL-PRE protocol including re-encryption key generation, re-encryption key update, and re-encryption key renewal for supporting the optimized attribute revocation and policy update. Finally, we conduct the experiments to evaluate the performance of our VL-PRE and show that it exhibits less computation cost with higher scalability in comparison with existing PRE schemes.
展开▼
