An Expressive Hidden Access Policy CP-ABE

摘要

Ciphertext Policy - Attribute Based Encryption (CPABE) has emerged as a feasible solution to address challenges of access control to a diverse set of users. In CP-ABE, owner encrypts its data under a policy of attributes, while any data consumer satisfying it can decrypt the data. Problem of existing CP-ABE schemes is that the access matrix is sent in plaintext along with the ciphertext. Hence, to provide legitimate consumers with capability to figure out their exact attributes satisfying policy; we trade-off the privacy of policy. Existing work focuses on hiding the attribute values, and most of them are based on less expressive And-based access structures. A policy can be considered as hidden, when both attribute's names and their corresponding combination cannot be revealed. To do so, we propose a novel idea of not sending the access matrix along with ciphertext. Moreover, to aid consumer in finding out the subset of his attributes satisfying policy, we exploit Hidden Vector Encryption (HVE) for subset condition checks. We give performance analysis of our scheme in Charm Simulator, and prove it to be selectively secure under DBDH and DLIN assumptions.