Secure Internet of Things in Cloud Computing via Puncturable Attribute-Based Encryption With User Revocation

With significant achievements of Internet of Things (IoT) in cloud services, IoT devices are becoming primary targets of cyber attackers. To protect security of previous messages generated by IoT devices in cloud computing, puncturable attribute-based encryption (PABE) was introduced which achieves fine-grained access control and supports self-update to private keys to disable the decryption capability to existing ciphertexts. Users in PABE are identified by their attributes and authenticated via the attribute authority (AA) which issues them attribute keys. But PABE does not consider any attribute revocation which should be managed by the AA. To address such a concern, this article presents a primitive called PABE with user revocation (PAER) which is the first light-weight PABE scheme with the user revocation achieved by the AA broadcasting the information for the key update. In addition to the light calculation of users in the decrypting process, another prominent advantage in PAER is that the AA does not need to communicate with users to revoke their attributes but broadcasts regular updates in the network. We present a concrete construction of PAER, and then implement the given scheme to evaluate its practicability in the real world.