@Article{cmc.2020.06278,
AUTHOR = {Changji Wang, Yuan Yuan},
TITLE = {An Efficient Ciphertext-Policy Attribute-Based Encryption  Scheme with Policy Update},
JOURNAL = {Computers, Materials \& Continua},
VOLUME = {63},
YEAR = {2020},
NUMBER = {2},
PAGES = {1031--1041},
URL = {http://www.techscience.com/cmc/v63n2/38558},
ISSN = {1546-2226},
ABSTRACT = {Ciphertext-policy attribute-based encryption (CP-ABE) is a promising 
cryptographic solution to the problem for enforcing fine-grained access control over 
encrypted data in the cloud. However, when applying CP-ABE to data outsourcing 
scenarios, we have to address the challenging issue of policy updates because access 
control elements, such as users, attributes, and access rules may change frequently. In this 
paper, we propose a notion of access policy updatable ciphertext-policy attribute-based 
encryption (APU-CP-ABE) by combining the idea of ciphertext-policy attribute-based key 
encapsulation and symmetric proxy re-encryption. When an access policy update occurs, 
data owner is no longer required to download any data for re-encryption from the cloud, 
all he needs to do is generate a re-encryption key and produce a new encapsulated 
symmetric key, and then upload them to the cloud. The cloud server executes re-encryption 
without decryption. Because the re-encrypted ciphertext is encrypted under a completely 
new key, users cannot decrypt data even if they keep the old symmetric keys or parts of the 
previous ciphertext. We present an APU-CP-ABE construction based on Syalim et al.’s
[Syalim, Nishide and Sakurai (2017)] improved symmetric proxy re-encryption scheme 
and Agrawal et al.’s [Agrawal and Chase (2017)] attribute-based message encryption 
scheme. It requires only 6 bilinear pairing operations for decryption, regardless of the 
number of attributes involved. This makes our construction particularly attractive when 
decryption is time-critical.},
DOI = {10.32604/cmc.2020.06278}
}