• Journal of the China Computer Federation
  • China Science and Technology Core Journal
  • Chinese Core Journal

Computer Engineering & Science ›› 2023, Vol. 45 ›› Issue (02): 286-294.

• Computer Network and Information Security •

A time factor based revocable and traceable attribute-based encryption scheme

XU Cheng-zhou¹, WANG Chen², ZHANG Wen-tao¹

  (1. China Aerospace Academy of Systems Science and Engineering, Beijing 100037;
   2. China Aerospace Science and Technology Corporation, Beijing 100048, China)
  • Received: 2022-03-22 Revised: 2022-08-25 Accepted: 2023-02-25 Online: 2023-02-25 Published: 2023-02-15

Abstract: Access policies in existing attribute-based encryption schemes seldom take time into account: when users set access policies for their own data, they cannot restrict when the users accessing that data acquired their attributes. Tracing and revoking a user who maliciously leaks a key is also a challenging problem in attribute-based encryption, and existing revocable schemes are computationally intensive and inefficient. To address these problems, a revocable and traceable attribute-based encryption scheme based on a time factor is proposed. In the scheme, the user's access time is marked in the user key, the access policy can limit the earliest/latest time at which a user acquired an attribute, and that acquisition time is verified during decryption, which enriches the system's access policies and gives the scheme backward security. The decryption phase is managed by a time verification server: revoking a user's attribute only requires updating the user's time tag factor, and revoking a user only requires deleting the time factor, which gives the scheme efficient revocation and forward security. Finally, under the DBDH assumption, the proposed scheme is IND-CPA secure. Performance analysis and experimental results show that the proposed scheme has richer features and higher performance.

Key words: ciphertext-policy attribute-based encryption (CP-ABE), user revocation, user attribute revocation, forward and backward security, time-based access control
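
The time checks and the two revocation operations described in the abstract can be modelled in plain logic. The sketch below is an added example, not the paper's construction: it contains no cryptography, and the class and function names, the AND-only policy, the reading of "updating the factor" as dropping the attribute's entry, and the sample users and dates are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

@dataclass(frozen=True)
class Clause:
    """One policy attribute with optional bounds on its acquisition time."""
    attr: str
    earliest: Optional[date] = None
    latest: Optional[date] = None

class TimeVerificationServer:
    """Hypothetical model: one time factor per user (attr -> acquisition date)."""
    def __init__(self) -> None:
        self.factors: Dict[str, Dict[str, date]] = {}
    def grant(self, user: str, attr: str, when: date) -> Dict[str, date]:
        self.factors.setdefault(user, {})[attr] = when
        return dict(self.factors[user])          # time tags copied into the user key
    def revoke_attribute(self, user: str, attr: str) -> None:
        self.factors.get(user, {}).pop(attr, None)   # update the user's factor only
    def revoke_user(self, user: str) -> None:
        self.factors.pop(user, None)                 # delete the user's factor
    def verify(self, user: str, key_tags: Dict[str, date], policy: List[Clause]) -> bool:
        factor = self.factors.get(user)
        if factor is None:                       # revoked or unknown user
            return False
        for c in policy:                         # AND of all clauses (assumption)
            tag = key_tags.get(c.attr)
            if tag is None or factor.get(c.attr) != tag:
                return False                     # revoked attribute or stale key tag
            if (c.earliest and tag < c.earliest) or (c.latest and tag > c.latest):
                return False                     # acquired outside the allowed window
        return True

def demo() -> Dict[str, bool]:
    """Constructed scenario; users, attribute and dates are sample values."""
    tvs = TimeVerificationServer()
    policy = [Clause("engineer", latest=date(2022, 12, 31))]
    alice_key = tvs.grant("alice", "engineer", date(2021, 3, 1))
    bob_key = tvs.grant("bob", "engineer", date(2023, 1, 10))
    out = {"alice": tvs.verify("alice", alice_key, policy),
           "bob_joined_late": tvs.verify("bob", bob_key, policy)}
    tvs.revoke_attribute("alice", "engineer")
    out["alice_after_attr_revoke"] = tvs.verify("alice", alice_key, policy)
    tvs.grant("alice", "engineer", date(2023, 2, 1))   # re-grant issues a new tag
    out["alice_old_key_after_regrant"] = tvs.verify("alice", alice_key, policy)
    tvs.revoke_user("bob")
    out["bob_after_user_revoke"] = tvs.verify("bob", bob_key, [Clause("engineer")])
    return out
```

In the scheme itself these checks are enforced cryptographically during decryption; the model only shows which combinations of key tag, policy window and server-side factor are meant to succeed.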