Reasearch And Application Of Attribute-based Encrytion Schemes With Constant-size Ciphertexts

With the rapid development of the internet and the distributed systems, the scale of the data sharing and processing gets bigger. And the access control for the resource has become more complicated. More flexible access control policies are needed to restrain the use of data sharing. Data confidentiality has been taken more and more seriously. The traditional PKI-based encryption mechanism could protect the confidentiality, but only the one who owns the certificate could decrypt the message. This cannot meet the need for data sharing where all the specific users can run the decrption.Therefor the attribute-based encryption (ABE) was introduced by Sahai and Waters. It enables senders to encrypt messages under a set of attributes and the cipher texts are associated with the attributes while private keys are associated with access structures. It realizes the fine-grained access control and decreases the communication cost. It can also defense the collusion attack, because of the use of random polynomials in the key generation phase. The basic ABE lacks of various access policies, so the CP-ABE and KP-ABE were generated.In most ABE systems, the cipher text size grows linearly with the number of cipher text attributes. Therefore, this paper proposes two attribute-based encryption (ABE) schemes with constant cipher text size by using the bilinear pairing. (1) A cipher text-policy attribute-based encryption (CP-ABE) scheme with O(1)-size cipher texts for threshold access policies is presented. And it is proved to be CCA secure and can be used as a hierarchical ABE scheme. (2) Show that a certain class of identity-based broadcast encryption schemes generically yields monotonic key-policy attribute-based encryption (KP-ABE) schemes in the selective set mode. Another KP-ABE scheme is realized for supporting non-monotonic access structures with constant cipher texts by combining with a new efficient identity-based revocation mechanism and the monotonic construction. (3) Finally a prototype system for the CP-ABE proposed above is designed and realized to verify the correctness of the scheme.