文摘
For a cryptosystem with a large number of users, it is necessary to provide an efficient revocation mechanism to preserve the security of whole system. In this paper, we aim to provide a scalable revocation mechanism for attribute-based signature (ABS). Specifically, we first formally define the syntax of revocable ABS (RABS), followed with a corresponding security model that considers a realistic threat called signing key exposure. Then, built on the ideas of an ABS scheme and binary data structure, we present a concrete construction of RABS with signing key exposure resistance. Finally, the proposed scheme is proved to be existentially unforgeable under adaptively chosen message attacks in the selective-predicate model, without random oracles. In addition to the necessary revocation functionality, the proposed scheme remains efficient in terms of storage cost and computation complexity.