A Practical and Efficient Key-Aggregate Cryptosystem for Dynamic Access Control in Cloud Storage

Abstract

Dynamically changing access rights of users in large-scale secure data sharing is an important challenge which designers of the secure systems have to address. We focus efficient enforcement of the dynamic access control using key-aggregate cryptosystem (KAC), an efficient solution to secure data sharing. In this paper, we present a novel KAC construction that, in addition to satisfying all key-aggregate efficiency requirements, allows a data owner to enforce dynamic updates in access rights of a user much more efficiently than the existing ones. In particular, the proposed KAC construction handles the dynamic updates at the level of public parameters, and does not require the data owner to carry out any secure transmissions. This further means that none of the data users, including the one(s) whose access rights are updated, has to update their secrets. Thus, the dynamic update operation of the proposed KAC scheme is free from the one-affects-all problem. We present a formal security proof of the proposed KAC scheme and analyze its performance to further support our claims. © 2024, The Author(s), under exclusive license to Springer Nature Switzerland AG.