CR-FH-CPABE: Secure File Hierarchy Attribute-Based Encryption Scheme Supporting User Collusion Resistance in Cloud Computing

The attribute-based encryption (ABE) scheme, which can set specific conditions to control user access to data, has been widely studied and applied to cloud storage services. Considering file hierarchy in practical scenarios, the ABE scheme can set a hierarchical access control policy so multiple files can be associated with one access structure to reduce users' computing overhead and save the cloud server's storage space. However, the existing systems have the risk of user collusion due to the hierarchical access control structure parameters. This paper proposes a secure file hierarchy ABE scheme supporting user collusion resistance (CR-FH-CPABE) in cloud computing. We add a data noise vector without changing the hierarchical access control structure to prevent user ultra vires. Technically, we break the relationships that colluding users could exploit, prevent malicious users from colluding with their computing results, and extract meaningful information from the ciphertext. In addition, we provide an improved CR-FH-CPABE scheme with outsourced decryption, which helps resource-limited devices obtain computing services. Finally, we demonstrate our scheme is CPA secure and show outstanding performance through simulation results.