| Attribute-based encryption is a hot topic in cryptography recent years. It is a public key encryption mechanism based on the fuzzy identity-based encryption and it makes the information with privacy and the access-control with flexibility. The greatest advantage of attribute-based encryption is that it is particularly suitable in the situation of distributed environments and not fixed decrypt side. Information providers need not care about the encrypted message decrypted by whom but the message recipient whether meeting the appropriate conditions. With the excellent features and a wide range of applications, attribute-based encryption becomes more and more popular to cryptologists.A series of research results has been made in the field of attribute-based encryption, such as the flexible expression of access structure, efficient calculation, multi-authorized institution, revoked mechanism, user accountability and so on. In this paper, attribute-based encryption mechanism is studied and our work is as follows.Firstly, we make an in-depth analysis and extensive comparison of the typical attribute-based encryption under the door limits access policies, tree structure access policies and linear secret sharing access policies. The key and ciphertext length, encryption and decryption overhead are calculated. And the advantages and disadvantages of each scheme are concluded, which makes the research of attribute-based encryption clear and provides the theoretical foundations to design new schemes.Secondly, the multi-authority attribute-based encryption is studied. We present a multi-authority attribute-based encryption scheme based on the key strategies. It reduces the workload and high-risk of a single authority and meets the requirements of a distributed environment. Compared with the existing multi-authority attribute based encryption, our scheme removed the central authority which has the decryption ability, and made all the authority have the coequal status. Also, our scheme supports "and""or", and the threshold operation, achieving the flexible access control in the multi-authority system. In addition, in order to ensure the successful decryption, we introduced the verification, verifying the correctness of the key and the ciphertext. It can make the decryptor accurately trace back to the wrong party when something goes error. We constructed the formal definition, given the specific description, and conducted a safety analysis.Finally, the mechanism of attribute revocation and key delegation is studied. We propose a new attribute-based encryption scheme with attribute revocation and delegation. In this scheme, we use a linear secret sharing matrix to construct the access policies. It supports any monotone access structure and with advantage of a key division technology for the key distribution, one having the delegation rights can achieve key conversion. We give formal definition and security model to prove the security of our scheme. |
PDF Full Text Request