Tongxin xuebao (Oct 2024)
CP-ABE scheme supporting partially hidden access policy
Abstract
Most of the existing ciphertext-policy attribute-based encryption (CP-ABE) schemes that support outsourced decryption do not consider the privacy protection of the ciphertext access policy, while some schemes that support policy hidden have the problem of low access policy matching efficiency. Therefore, a CP-ABE scheme was proposed that supported access policy hidden and had high efficiency in access policy matching. In this scheme, the attribute values were blinded and a policy hidden access tree was constructed to realize the privacy protection of the access policy. Bloom filter was used to filter attributes and authenticate members, so as to quickly find the minimum set of attributes that meet the access policy and reduce a large number of invalid calculations in the decryption test. Finally, cloud servers with strong computing power for outsourced computing were used to reduce local decryption costs. Theoretical analysis and experimental results show that the proposed scheme can take into account both computational efficiency and policy privacy protection, significantly improving access policy matching efficiency, encryption and decryption speed, and local decryption time is reduced to a constant level. Security analysis demonstrates that the proposed scheme not only protects the privacy of outsourced access policies but also can resist chosen plaintext attacks.
