A Study On Attribute-Based Encryption

Attribute-Based Encryption (ABE) is a new form of public key encryption recently. In the Attribute-Based encryption mechanism, users are described by a set of attributes. In comparison, it is no longer to worry the problems of the public key management and key escrow, and the burden of the system is reduced. In terms of access control, attribute-based cryptosystem enables an access control structure over the encrypted data by specifying the users’attributes. Datas are stored on the server as a ciphertext, so we can still keep the security of datas even the server is compromised. Users can get ciphertext directly without the authentication of server, but decrypt the message when attributes meet the access control structure correctly. The system effectively solves the problem of the server’s pressure on storaging data;data sharing is realized in an open environment. Besides, the system can provide message privacy and flexibility of access control. Finally Attribute-Based Encryption mechanism is applied in the situation where decrypting party is uncertain. It supports many-to-many communication pattern. In this paper we mainly study on the Attribute-Based Encryption.Firstly, this paper introduces the basic concepts, principles, development process and status quo of attribute-based cryptography scheme, then analyzes the basic attribute-based encyption scheme. It is divided into two types:key policy attributed-based encryption (KP-ABE) and ciphertext policy attributed-based encryption (CP-ABE). We summarize and analyse the three types of encryption algorithm, then point out their differences and relations.Secondly,we designed an attribute-based encryption scheme with a hidden access policy,which can resist collusion attact. It resolves the problem of leaking sensitive datas through open access policy. During the encryption process, encryptor achieves the aim of the indistinguish between the well-formed ciphertext components and the malformed. In the new construction, the number of operations declines by almost50%, at the sametime,the storage space of the ciphertext reduces by nearly50%, and the storage space of the private key reduces to about33%. Comparing with previous ones,the new method improves the computational efficiency, and saves system resources. Meanwhile, we can add new attributes in the access policy securely after setup is excuted where the exisiting public parameters can remain unchanged. These performances show the flexiblity of construction. Security proof is based on Decisional Bilinear Diffie-Hellman assumption.Finally, we study on the multi-authority attribute-based encryption on the basis of ciphertext policy attribute-based encryption. We propose a multi-authority ciphertext policy attribute-based encryption constuction in this paper. Attribute authority is extended from single to multiple. Each authority manages its own attributes and distributes the appropriate keys. Multi-authority not only eases the heavy burden of a single authorization center, but also reduces its high-risk. The construction is more likely to meet the needs of distributed applications. In this paper, we give the formal definition, security model of the construction. Then described the detail of the algorithms, at last security analysis and performance analysis are presented.