Research On Multi-Authority Attribute-Based Encryption Mechanism

Attribute-based encryption can ensure the confidentiality of data and achieve fine-grained access control.However,in the single-authority attribute-based encryption mechanism,users' attributes can only be assigned by an attribute authority,resulting in that data can only be shared within the management domain of the attribute authority,and cannot solve the problem of data sharing among multiple different attribute authorities.The multi-authority attribute-based encryption mechanism realizes the confidentiality of data and fine-grained access control,and can solve the problem of data sharing among multiple different attribute authorities.Therefore,the research on multi-authority attribute-based encryption mechanism has important theoretical significance and use value.In this paper,the multi-authority attribute-based encryption scheme is studied in depth,including:(1)Aiming at these problems that the computational overhead is large,the effectiveness of attribute revocation is low,and the access policy cannot be hidden in the multi-authority attribute-based encryption scheme,this paper proposes a multi-authority attribute-based encryption scheme which supports attribute revocation,verifiable outsourcing decryption and privacy preserving.In the proposed scheme,outsourcing decryption technology is used to transfer complex decryption calculations to the cloud service provider,anti-collision hash function is used to verify the correctness and integrity of outsourcing decryption.The version key is introduced into the attribute to complete the attribute revocation.By using bilinear pairing operation to replace the attribute value in the access policy with another value to hide the access policy,the privacy of data owner is protected.The security analysis shows that the proposed scheme based on the decisional q-bilinear Diffie-Hellman exponent assumption satisfies the indistinguishable adaptive choice plaintext attack in the standard model,and achieves forward security and collusion resistance.Comparing with the existing schemes,the proposed scheme can simultaneously support verifiable outsourcing decryption,attribute revocation and privacy preserving,and the computational and communication overhead of the proposed scheme is low,which is more suitable for application in cloud storage systems.(2)Aiming at these problems that the encryption calculation and communication overhead is high in the multi-authority attribute-based encryption scheme,this paper proposes an efficient revocable multi-authority attribute-based encryption scheme based on elliptic curve cryptography,which don't need any complex bilinear pairing operations,and introduces a version key into each attribute to achieve attribute revocation.The security analysis indicates that the proposed scheme based on the decisional Diffie-Hellman assumption satisfies the indistinguishable adaptive choice plaintext attack in the standard model.Comparing with the existing schemes,the proposed scheme can achieve attribute revocation,and has the lowest computational overhead and communication overhead.