A Ciphertext-Policy Attribute-Based Encryption Scheme Supporting Keyword Search Function

摘要

With the advent of cloud computing, more and more individuals and companies are motivated to outsource their data and services to clouds. As for the privacy and security reasons, sensitive data should be encrypted prior to outsourcing. However, encrypted data will hamper efficient query processing and fined-grained data sharing. In this paper, we propose a new cryptographic primitive called ciphertext-policy attribute-based encryption scheme with keyword search function (KSF-CP-ABE) to simultaneously solve above issues. When a data owner wants to outsource sensitive data in the public cloud, he/she encrypts the sensitive data under an access policy and also build a secure index for the set of keywords. Only authorized users whose credentials satisfy the access policy can retrieve this encrypted data through keyword search and decrypt the ciphertext. We also present a concrete KSF-CP-ABE construction from bilinear pairings and proved that the proposed KSF-CP-ABE scheme is secure against both outer attacks and inner attacks. What's more, cloud service provider can perform partial decryption task delegated by data user.