Research On Attribute-Based Public Key Cryptosystems

In an attribute-based encryption (ABE) system, the user only knows the attributes of thereceiver, and need not know the detailed identity information of the receivers. In the encryptionprocess, the user defines an access structure by a set of attributes. The receiver can decrypt aparticular ciphertext only if there is a match between the access structure of the ciphertext andthe receiver’s private key. So it is an efficient way to realize the flexibility of access control andcan protect the receiver’s privacy.ABE has attracted many researchers’ attention since it was proposed. Then it has reached alot of achievements in recent years. Firstly, ABE scheme has been divided into ciphertext policyattribute-based and key policy attribute-based by the policy definition. Secondly, the security ofABE scheme has been intensified obviously. Finally, the expression of the access structure hasbeen improved, too. However, there are still some important problems remained to be solved.One problem is the improvement of the efficiency, which includes how to decrease thecomputation cost of the encryption and decryption, how to shorten the size of the ciphertext, howto improve the efficiency of transmission. Another problem is the compatibility of theattribute-based encryption scheme. For example, in order to meet the increasing requirements ofpractical applications, we should design the scheme with special function. Therefore, how toconstruct more practical attribute-based encryption scheme is worth considering for us.This dissertation shows the research work based on the questions mentioned above. Firstly,an attribute-based encryption scheme with constant size ciphertexts and constant length ofpairing computations will be proposed in prime order bilinear group. At the same time, it will beproven fully secure within standard model. Secondly, in a given scenario, the encryption schemeshould keep strong anonymity in order to protect the access structure of the authorized users.Therefore, we propose a hidden access structure attribute-based encryption scheme with constantsize private key and constant length of pairing computations, and is also fully secure in thestandard model. Finally, in order to ensure the validity of the ciphertext, the receiver mustauthenticate the ciphertext, we propose an attributed-based signcryption scheme and this schemewill be proven secure under selective attributes and chosen message attacks in the random oraclemodel.