LAUSR

In recent years, numerous incidents of information leakage have not only violated the privacy of users but also been a key issue hindering the development of cloud computing. How to guarantee the confidentiality of shared data while protecting the privacy of users has become a hot topic of research. In this article, we propose a decentralized attribute-based access control mechanism. Compared with the existing well-known schemes, the proposed scheme enhances private security and the confidentiality of shared data. An anonymous key extraction protocol is introduced to help users prove their identities with zero knowledge and help the authorities to generate legitimate private keys without knowing the users global identifiers and specific attributes. We also eliminate linear relationships among the keys appearing in the previous reported works, which makes unauthorized users unable to combine their private keys to generate a legal secret key or combine their respective decryption results to recover the plaintext message. Performance and security analyses show that the new work is secure against collusion attacks, thus protecting users’ privacy and security. Besides, the security of the proposed scheme is reduced to the q-PBDHE assumption in the standard model.