A privacy preserving authentication scheme with flexible identity revocation in people-centric sensing

People-Centric Sensing (PCS) is a new sensing paradigm, in which people’s context information is described by attributes. However, due to the nature of “people centric” and dynamicity, the prevalence of PCS faces two main challenges, including authentication with privacy preservation and complex identity revocation.

In this paper, we propose the ABS-KR, an attribute-based signature scheme supporting key revocation. ABS-KR inherits the advantage of most attribute-based signature schemes, that is, a signature only shows that whether the user owns attributes satisfying the verification policy, no more information about his identifier or attributes, implementing authentication with privacy preservation. Furthermore, we introduce a mediator responsible for the key revocation to reduce the workload of the attribute authority managing users’ attributes and generating secret key for them. The core idea of performing flexible revocation is to divide a user’s secret key into two shares, and give one part to the mediator, making the user asking the mediator for help to generate a valid signature. Before answering the user, the mediator performs a revocation check for the user’s identifier and claimed attributes. If and only if the signer owns unrevoked attributes satisfying the policy, he can generate a valid signature. In addition, the mediator realizes instantaneous key revocation through revocation check during signing a message. Moreover, our ABS-KR supports monotone policies in the form of attribute trees under the computational Diffie–Hellman assumption.