Open Access

ARTICLE

LUAR: Lightweight and Universal Attribute Revocation Mechanism with SGX Assistance towards Applicable ABE Systems

Fei Tang^1,*, Ping Wang¹, Jiang Yu¹, Huihui Zhu¹, Mengxue Qin¹, Ling Yang²

1 The School of Computer Science and Technology, Chongqing University of Posts and Telecommunications, Chongqing, 400065, China
2 Chongqing Unicom Industrial Internet Co., Ltd., Chongqing, 401121, China

* Corresponding Author: Fei Tang. Email:

(This article belongs to the Special Issue: Privacy-Enhancing Technologies for Secure Data Cooperation and Circulation)

Computers, Materials & Continua 2026, 86(3), 69 https://doi.org/10.32604/cmc.2025.073423

Received 17 September 2025; Accepted 05 November 2025; Issue published 12 January 2026

Abstract

Attribute-Based Encryption (ABE) has emerged as a fundamental access control mechanism in data sharing, enabling data owners to define flexible access policies. A critical aspect of ABE is key revocation, which plays a pivotal role in maintaining security. However, existing key revocation mechanisms face two major challenges: (1) High overhead due to ciphertext and key updates, primarily stemming from the reliance on revocation lists during attribute revocation, which increases computation and communication costs. (2) Limited universality, as many attribute revocation mechanisms are tailored to specific ABE constructions, restricting their broader applicability. To address these challenges, we propose LUAR (Lightweight and Universal Attribute Revocation), a novel revocation mechanism that leverages Intel Software Guard Extensions (SGX) while minimizing its inherent limitations. Given SGX’s constrained memory (≈90 MB in a personal computer) and susceptibility to side-channel attacks, we carefully manage its usage to reduce reliance while mitigating potential collusion risks between cloud service providers and users. To evaluate LUAR’s lightweight and universality, we integrate it with the classic BSW07 scheme, which can be seamlessly replaced with other ABE constructions. Experimental results demonstrate that LUAR enables secure attribute revocation with low computation and communication overhead. The processing time within the SGX environment remains stable at approximately 55 ms, regardless of the complexity of access policies, ensuring no additional storage or computational burden on SGX. Compared to the Hardware-based Revocable Attribute-Based Encryption (HR-ABE) scheme (IEEE S&P 2024), LUAR incurs a slightly higher computational cost within SGX; however, the overall time from initiating a data request to obtaining plaintext is shorter. As access policies grow more complex, LUAR’s advantages become increasingly evident, showcasing its superior efficiency and broader applicability.

---

Keywords

---