Research On Traceable Attribute-Based Encryption Scheme

Attribute-based encryption(ABE),supporting one-to-many encryption and fine-grained access control,has broad application prospects in distributed systems and cloud computing.However,a decryption key in ABE is only associated with attributes that may be shared by multiple users,and do not contain any identity information of its original owner.Thus,a security problem called user tracing problem emerges,that is,multiple user could be suspect according to a leaked decryption key,and there is no feasible way to detect which one is correct.The user tracing problem will result in the decryption privilege abuse,and break the security of ABE schemes,and seriously hinder the adoption of ABE in reality.Therefore,traceable ABE schemes were studied in this paper in order to solve the user tracing problem.1)There are new challenges along with the adoption of ABE in specific scenarios,such as the multi-domain environment.In a multi-domain environment with two-layer structure,namely domains and intradomain users,the proper fashion of user tracing is to trace the domain of the user first,narrowing down the scope of tracing,and then to trace the user in the domain.Unfortunately,the existing traceable ABE schemes which only focus on one level of users tracing are not suitable for the two-layer structure of multi-domain environments.Therefore,a white-box traceable ABE scheme in multi-domain environment was proposed.A so-called two-layer traceability was obtained in the proposed scheme,which developed the traceability of the conventional traceable ABE schemes.Specifically,a short signature technique was used to prevent an attacker from forging the tracing parameter for the traceability of domains,and the linkability of linkable ring signature technology was employed to provide a tracing method for users.Moreover,the proposed scheme supports any monotone access structure and is proved to be fully secure under chosen plaintext attack in the standard model.The comparison between the proposed scheme and other related schemes shows that with the increase of the number of attributes,the asymptotic communication cost and the asymptotic computation cost of the proposed scheme essentially increase linearly and are lower than most of the comparison schemes,which makes the proposed scheme more suitable for solving the user tracing problem in multi domain environment.2)Key delegation abuse and user tracing are two important security problems in ABE.At present,most of the ABE schemes rely on the tracking function to resist key abuse,but this way is only a deterrent and post accountability,and cannot prevent the abuse of key delegation in advance.In other words,it is incomplete to solve the key abuse by using tracking.Therefore,a traceable ABE scheme with key-delegation abuse resistance was proposed.On the one hand,a secret parameter were shared to all the components related to the attribute in the user's private key,and the decryption operation needed to reconstruct the secret parameter,which made all the components related to the attribute participate in the decryption,and only a part of the components would not be able to complete the decryption,thus realizing the key-delegation abuse resistance of the proposed scheme.On the other hand,the unforgeability of a short signature structure was used to protect the tracing parameter in the user's private key,and the tracing parameter was associated with the user's identity,thus realizing the traceability of the proposed scheme.Since the support of both key-delegation abuse resistance and traceability can address the problem of user key abuse and user tracing more comprehensively,the security of the proposed scheme is enhanced.Moreover,the traceability proof of the proposed scheme proceeds in the strict standard model.The comparison between the proposed scheme and other related schemes shows that the parameters size and the computation cost of the proposed scheme increase linearly with the increase of the number of attributes and are smaller than the comparison scheme with the same functional characteristics,which means the proposed scheme has certain performance advantages in parameters size and computation cost.