Revocable and decentralized attribute-based encryption

In this paper, we propose a revocable and decentralized attribute-based encryption (ABE) system that splits the task of decryption key generation across multiple attribute authorities (AAs) without requiring any central party such that it achieves attribute revocation by simply stopping updating of the corresponding private key. In our system, a party can easily behave as an AA by creating a public and private key pair without any global communication except the creation for the common system parameters, under which it can periodically issue/update private key components for users that reflect their attributes, and an AA can freely leave the system once its corresponding attribute is revoked without communication with other AAs. In addition, to revoke a user, those AAs that have issued private keys to this user easily cease the key updating process for the user without affecting other AAs' execution. For the construction of our system, the technical barrier is to make private keys collusion resistant. Since in our system each component of a user's private key at a time period may come from different AAs and there is no coordination between these AAs, traditional technique of binding together different components (issued by different AAs) of a private key by randomization cannot be employed. To overcome this, we tie the key components together and prevent collusion attacks between different users by embedding distinct identifiers and a commonly shared time attribute in these components.