Abstract:

Attribute-based encryption mechanism is widely used in outsourcing environment because of its charac-teristics of “one-to-many” communication. However, users?? attributes often change dynamically. In order to solve the problem of attribute revocation in the attribute-based encryption scheme in the outsourcing systems, combined with the attribute-based encryption scheme proposed by Yan et al., a revocable ciphertext-policy attribute-based encryption in data outsourcing systems from lattices is introduced. The scheme uses the LWE (learning with error) problem to construct the encryption and decryption algorithm, which can resist the quantum attack. Tree-access structure is adopted to realize flexible fine-grained access strategy. In addition, with the help of the data outsourcing management server, the attribute key and ciphertext are updated to achieve immediate attribute revocation. The scheme is proven to satisfy the security under the selective attribute and selective plaintext attack. The comparative analysis shows that the scheme has a significant improvement in performance, and supports immediate attribute revocation, which is more suitable for the dynamic change of users in the outsourcing systems, such as social network platform.

Key words: lattices, attribute-based encryption, attribute revocation

摘要：

属性基加密机制的“一对多”分发特点使其在外包环境中得到了广泛的应用，然而用户的属性经常会发生动态的变化。因此，针对数据外包环境下属性基加密体制中属性撤销的问题，结合Yan等人提出的属性基加密方案，提出一种外包环境下格上可撤销的密文策略属性基加密方案。方案利用格上LWE问题构建加解密算法，可抵抗量子攻击。采用树形表示单调的访问结构，实现灵活的细粒度访问策略。另外，借助数据外包管理服务器，进行属性密钥的更新和密文的更新，实现属性的即时撤销。方案被证明满足选择属性及选择明文攻击下安全。通过对比分析表明，方案在性能方面有显著的提升，且支持属性即时撤销，更加符合外包环境中用户动态变化需求，如社交网络平台等。

关键词: 格, 属性基加密, 属性撤销