Fully Secure Unbounded Revocable Attribute-Based Encryption in Prime Order Bilinear Groups via Subset Difference Method

Providing an efficient revocation mechanism for attribute-based encryption (ABE) is of utmost importance since over time an user’s credentials may be revealed or expired. All previously known revocable ABE (RABE) constructions (a) essentially utilize the complete subtree (CS) scheme for revocation purpose, (b) are bounded in the sense that the size of the public parameters depends linearly on the size of the attribute universe and logarithmically on the number of users in the system, and (c) are either selectively secure, which seems unrealistic in a dynamic system such as RABE, or fully secure but built in a composite order bilinear group setting, which is undesirable from the point of view of both efficiency and security. This paper presents the first fully secure unbounded RABE using subset difference (SD) mechanism for revocation which greatly improves the broadcast efficiency compared to the CS scheme. Our RABE scheme is built on a prime order bilinear group setting resulting in practical computation cost, and its security depends on the Decisional Linear assumption.