Attribute-Based Encryption Scheme Without Key Escrow And Support For Attribute Revocation

In 2005,Sahai and Waters first introduced the notion of attribute based public keycryptosystem.Attribute based public key cryptosystem is to consider the user's identity information as a set of attributes that can be described,encryption system uses attributes to define access structure,only if at least a threshold number of attributes overlap between the ciphertext and his secret key,can he decrypt the ciphertext.On many devices with limited resources,bilinear pairing operations and modular exponentiation are expensive and difficult.In the attribute based encryption scheme,a lot of bilinear pairing operations are involved in the decryption process,which brings a lot of burden to the users,and the private key of the user is generated by the attribute authority AA,which requires a large number of modular exponentiation,the computing burden of AA is very large.In order to reduce the burden of AA and users at the same time,securely outsourcing attribute based encryption with checkability has become the focus of cryptography.But the private key of the user in the attribute based encryption scheme is generated by the attribute authority AA,so has the key escrow problem.In this paper,we further study and discuss attribute based encryption scheme,and obtain the following results:(1)In this paper,we propose an attribute based encryption scheme without key escrow and support for attribute revocation.In this scheme,most of the computing work in the key generation is outsourced to two cloud servers,most of the computing work in the decryption process is outsourced to a cloud server,which reduces the computing burden of AA and users.And the user's private key is composed of two parts,one part is generated by attribute authority AA,the other is generated by the users themselves,so without key escrow problem? Our scheme is Selective-CPA secure in the standard model,the security of this scheme is based on the established hard problem.(2)The attribute based encryption scheme proposed by [6] has no security proof.I have supplemented the security proof of this encryption scheme.