Disclosed in the present invention is a revocable cloud data security sharing method, comprising the following steps: a cloud server generates a public parameter and a master key of a system; the cloud server generates a corresponding private key for each user id; a data owner encrypts the data M to be shared into a ciphertext C and uploads the ciphertext C to the cloud server; the data owner generates a shared key for an initial shared user list S and uploads the shared key to the cloud server; the cloud server receives from the data owner a list R of shared users to be revoked, obtains a new shared user list S'=S-R, and generates a new shared key corresponding to the shared user list S'; the cloud server generates a ciphertext CT for the shared users according to the ciphertext C and the current shared key; the users download the ciphertext from the cloud server and decrypt it using their private keys to obtain the data M. By means of the present invention, the data owner can safely share the data stored in the cloud with other users while being able to effectively revoke some of the shared users according to its own requirements.