User Key Revocation Method for Multi-cloud Service Providers

Key information leakage is one of the most serious problems in Intercloud service, to solve this problem, a scheme of user key revocation on attribute-based ring signatures is proposed. Focused on user ciphertext access in Intercloud, the mechanism of ciphertext matrixes mapping without attribute leakage is discussed, multi-authority can extend attribute sets for generation key, then full user attributes can not be acquired by Cloud Service Providers (CSP), thus overhead on attribute storage is reduced. In addition, user signature verification revocation based on revocable ring and monotone span programs is designed, which constitutes ring of CSPs, authorities and users. Receiving CSP can define ciphertext access structure, users can access ciphertext through source CSP verifying, and authorities can remove decryption key from attribute-lost users without affecting any other users. The mechanism of collusion resistance with integrating attributes on the basis of Ciphertext-Policy Attribute Base Encryption (CP-ABE) and monotone span programs is discussed, with which user attribute confidentiality can be protected from leakage. Finally, to prove the effectiviness of the proposed model, the performance analysis of communication cost and computational efficiency are verified.