Revocable Identity-Based And Attribute-Based Conditional Proxy Re-Encryption On Lattices

In recent years,quantum computers have developed rapidly,and the cryptographic schemes based on classical mathematical difficult problems have been greatly challenged.Therefore,it is crucial to build the cryptographic schemes that can resist the attacks of quantum computers for ensuring data security.Latticebased cryptography has anti-quantum attacks and high efficiency.Because of its advantages,it has become the focus of research.Most of the current lattice-based cryptography schemes are constructed based on three types of difficult problems:SIS(Short Integer Solution),LWE(Learning With Errors)and NTRU(Number Theory Research Unit).In this paper,our scheme is constructed based on LWE problems.The development of information technology has brought about the rapid growth of data.The birth of cloud computing provides people with great convenience in data storage and sharing.In view of the data security problems existing in cloud services,people have adopted PRE(Proxy Re-Encryption)technology.In PRE,for Alice’s(delegator)ciphertext,the proxy uses the re-encryption key to convert it into Bob’s(delegatee)ciphertext without knowing the relevant information of the plaintext,which ensures the security of the shared data.CPRE(Conditional Proxy Re-Encryption)as a variant of PRE,gives people the ability to choose shared information.In CPRE,the ciphertext is associated with a condition,the proxy can perform the re-encryption correctly only if the corresponding conditions are met.Our scheme in this paper adopts AB-CPRE(Attribute-Based Conditional Proxy Re-Encrypt ion),which performs attribute-based control of delegated decryption by setting a policy and an attribute vector.Provably secure RIB AB-CPRE:Most of the existing AB-CPRE schemes are constructed based on classical number theory assumptions and are vulnerable to attacks by quantum computers.There are few latticed-based AB-CPRE schemes,the first based-LWE AB-CPRE scheme was proposed in 2021.IBE(Identity-Based Encryption)schemes on lattice are more,and IBE is easy to realize the expansion of functions,such as key revocation and hierarchical structure.Revocable IBE has better practicability.Currently,no scheme combining lattice-based AB-CPRE and RIBE has been found.We use identity as the public key,present the first RIBAB(Revocable IdentityBased and Attribute-Based)CPRE scheme on lattices,and analyze the correctness and security of the scheme.Based on the LWE hardness assumptions we show that the scheme has indistinguishability under selective-identity and chosenplaintext attack security under the standard model.Compared with previous ABCPRE schemes,our scheme is more powerful.In addition to implementing CPRE,it also gives KGC(Key Generation Center)the ability to revoke keys,so as to eliminate malicious users and users who leak keys in the system.Furthermore,our scheme can resist attacks which based on decryption key exposure.In simple terms,we divide the decryption key into secret key and update key over time.Part of the secret key can be combined with the update key to obtain part of the decryption key.The other part of secret key is a trapdoor which associated with user identity.The user obtains the remaining partial decryption key by sampling through this trapdoor,thereby realizing the DKER(Decryption Key Exposure Resistance)feature.In addition,the attribute ciphertext added in the initial ciphertext will be further embedded in the initial ciphertext during the re-encryption process,the user uses this trapdoor to sample the relevant key to generate the re-encryption key.In the construction,we use the binary tree data structure and the complete subtree method to improve the efficiency of key update.Overall,our scheme achieves multi-functional integration,which gives users greater flexibility,suitable for more complex application scenarios.