To effectively solve overhead computing and bandwidth, high complexity problems about user access privileges revoking in cloud-storage service, a cloud-storage privilege revoking optimization mechanism based on dynamic re-encryption (DR-PRO) was proposed. Firstly, based on ciphertext access control scheme of Ciphertext Policy Attribute Based Encryption (CP-ABE), by using (k,n) threshold algorithm of secret sharing scheme, data information was divided into a number of blocks, and then a data information block was dynamically selected to realize re-encryption. Secondly, the user access privilege revoking was finished by the sub-algorithms, including data cutting, data reconstructing, data publishing, data extracting and data revoking. The theoretical analysis and test simulation showed that, based on high security of user information in cloud-storage service, compared with lazy re-encryption mechanism, the average computing and bandwidth decrease of user access privileges revoking was 5% when data file changed; compared with full re-encryption mechanism, the average computing and bandwidth decrease of user access privileges revoking was 20% when shared data block changed. The experimental results show that DR-PRO effectively improves the performance and efficiency of user access privileges revoking in cloud-storage service.