Dynamic traceable CP‐ABE with revocation for outsourced big data in cloud storage

Summary Ciphertext‐policy attribute‐based encryption (CP‐ABE) is the recommended best practice for outsourced big data access control in the cloud environment. However, most of the existing CP‐ABE schemes do not address the issue of tracing and revoking the malicious user who leaks the secret key for profit, which in turn reduces the security of the CP‐ABE schemes. In this paper, we propose a dynamic traceable CP‐ABE with revocation (DTCP‐ABE) for outsourced big data in cloud storage. DTCP‐ABE scheme dynamically traces who decrypts the ciphertext during the outsourced decryption process, which helps to find the malicious user who leaks the secret key. Our scheme also automatically revokes the malicious users once they are identified. We prove that our scheme is secure against chosen‐plaintext, secret key forging, user collision, and proxy attacks. Furthermore, our scheme also achieves backward revocation security. Performance evaluation proves that our DTCP‐ABE scheme is efficient than other existing schemes.