Research On Attribute-based Encryption Supporting Efficient Access Structure

With the rapid development of information technology,information security has been taken seriously.As an important branch of public key cryptography,Attribute-based Encryption(ABE)is an effective approach to realize data confidentiality as well as fine-grained access control.However,most of the researches on attribute-based encryption not only suffer from the low efficiency and limited expressive ability of access structure,but also only provide selective security or can only achieve adaptive security under non-standard mathematical assumption.Meanwhile,considering the problems of user revocation and key leakage in practical applications,it is necessary to introduce the effective revocation mechanism into ABE to handle the case where the privilege of the user dynamically changes.For the above-mentioned problems,this thesis studies Revocable Attribute-based Encryption(RABE),and ABE that support efficient access structures by dual-system encryption technology,and achieves the following research results:This thesis proposes an ABE scheme supporting indirect revocation based on Monotonic Span Programs(MSP).The proposed scheme not only efficiently realizes access control over encrypted data in a fine-grained and revocable way,but also is proved to be adaptively secure under Decisional Linear assumption(DLIN).In addition,the proposed scheme satisfies unbounded property,so the setup algorithm is independent of the size of the polices or the length of the attributes and produces public parameters which are a constant number of group elements.Meanwhile,the efficient MSP is elegantly utilized as the access structure to reduce the number of bilinear pairing and exponentiation operations for encryption and decryption,thereby improving the efficiency of data encryption and decryption.The proposed scheme outperforms the existing schemes in expansibility,security and efficiency.This thesis proposes an ABE scheme supporting direct revocation based on Arithmetic Span Programs(ASP).In the proposed scheme,the technique of non-zero inner product encryption predicate coding achieves effective user revocation,while the ASP ensures the efficient expression of access control policies in the encryption phase and improves the efficiency of data encryption.In addition,the proposed scheme doesn't need to pre-define the size and attributes of the attribute set and access policy during system initialization,allowing the system to add new attributes or roles at any time.Based on the dual-system encryption technique,the proposed scheme is proved to be adaptively secure under the Matric Decisional Diffie-Hellman assumption(MDDH).Theoretical performance analysis and experimental evaluation show that the proposed scheme outperforms the existing schemes in expansibility,security and efficiency.