Compulsory traceable ciphertext-policy attribute-based encryption against privilege abuse in fog computing

Due to the structure of fog systems, ciphertext-policy attribute-based encryption (CP-ABE) is regarded as a promising technique to address certain security problems present in the fog. Unfortunately, in most traditional CP-ABE systems, a user can deliberately leak his attribute keys to others or use his private key to build a decryption device and provide a decryption service with little risk of being caught (untraceable). We refer to this behavior as privilege abuse. The privilege abuse problem will seriously hinder the adoption of CP-ABE. To address the problem, we propose a novel black-box traceable CP-ABE scheme that is much simpler than the existing white-box traceable schemes. A malicioususer who builds a decryption black-box can be tracked and exposed by our scheme. Due to its scalability and relatively high efficiency, the scheme could be practical for fog systems. Furthermore, we point out that, if the adversary can distinguish the tracing ciphertext from the normal ciphertext, he can frustrate tracking by outputting incorrect decryption results. Thus, the traceability must be compulsory, so as to ensure that the adversary cannot distinguish between the tracing ciphertext and the normal ciphertext. Therefore, we present a formal definition of compulsory traceability with a new security game, and our scheme is proved to be secure and compulsory traceable under the generic group model.