Public Verifiable Server-Aided Revocable Attribute-Based Encryption
摘要
Revocable Attribute-Based Encryption (RABE) provides a user revocation mechanism to keep the system dynamic and protect data privacy when a user’s credentials can be expired or revealed. In verifiable server-aided RABE, where most computations are delegated to an untrusted server, users with private keys and outsourced results can decrypt the ciphertext and then verify message correctness, provided they meet the decryption conditions. This verification process, commonly known as private verification, follows a “decrypt-then-verify” paradigm and is inherently restricted to legitimate users. However, such a model lacks transparency and accountability, as it depends solely on user-side validation. This limited verifiability may undermine trust in the server’s behavior, exposing the system to disputes and potential misuse, such as malicious users falsely claiming incorrect computations, thereby leading to operational and financial risks. To address these challenges, we propose an improved server-aided RABE system that enables public verification, allowing any party to verify the untrusted server’s computations rather than entirely relying on users. Furthermore, we introduce a “verify-then-decrypt” mechanism, ensuring the correctness of outsourced results before decryption. This approach prevents users from performing redundant or incorrect decryption, thereby improving efficiency and system reliability.