Journal of University of Science and Technology of China ›› 2011, Vol. 41 ›› Issue (7): 619-625. DOI: 10.3969/j.issn.0253-2778.2011.07.009

• Original Paper •

Adaptively secure multiple-authority-key KP-ABE scheme

YANG Xiaoyuan

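  1. Department of Electronic Technology, Engineering College of the A. P. F., Xi'an, Shaanxi 710086; 2. Station of Communication, General Hospital of A. P. F., Beijing 100039
  • Received: 2011-04-28 Revised: 2011-07-13 Online: 2011-07-31 Published: 2011-07-31
  • Corresponding author: YANG Xiaoyuan
  • About the author: YANG Xiaoyuan (corresponding author), male, born in 1959, professor. Research interests: cryptographic algorithms and protocols, and network security. E-mail: xyyangwj@126.com
  • Funding:
    Supported by the National Natural Science Foundation of China (60573036), the Natural Science Foundation of Shaanxi Province (2010JM8034), and the Basic Research Foundation of the Engineering College of the A. P. F. (wjy201119).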

Multiple-authority-key KP-ABE scheme with adaptive security

YANG Xiaoyuan   

  1. Department of Electronic Technology, Engineering College of the A. P. F., Xi'an 710086, China; 2. Station of Communication, General Hospital of A. P. F., Beijing 100039, China
  • Received: 2011-04-28 Revised: 2011-07-13 Online: 2011-07-31 Published: 2011-07-31

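Abstract: Functional encryption meets the confidentiality requirements of many-to-many network environments well, and functionality functions provide more flexible ciphertext access capabilities than traditional public-key encryption. Existing functional encryption systems support only single-authority-key functionality functions. This paper proposes a multiple-authority-key adaptive security model for KP-ABE (key-policy attribute-based encryption), a subclass of functional encryption; the model has stronger expressive power and is more general. Using a linear multi-secret sharing scheme, an encryption scheme is designed under this security model, and the dual system encryption methodology is used to prove in the standard model that the scheme is IND-CPA (indistinguishability against chosen-plaintext attacks) secure. The scheme's access policies for encrypted data are more flexible, and users can access multiple types of ciphertexts according to their privileges. The proposed construction method can be applied to other subclasses of functional encryption, and its computational cost shows no linear expansion compared with single-authority-key schemes, so it is highly efficient.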

Key words: key-policy attribute-based encryption, adaptive security, linear multi-secret sharing scheme, dual system encryption

Abstract: Functional encryption provides a good way of sharing encrypted data in the network environment, which is sufficient for newly emerging applications. Several recent works focused only on systems that supported single-authority-key functionality. In order to solve the open problem of constructing multiple-authority-key functional encryption, an adaptive security model of multiple-authority-key key-policy attribute-based encryption (M-KP-ABE) was presented, which allows for functionalities that take in multiple authority keys. In this system, an encryptor can specify a policy and a capability describing what the decryptor can learn from the ciphertext. A new M-KP-ABE scheme was proposed for any attribute access structure that could be expressed by a linear multi-secret sharing scheme (LMSSS). This scheme is proven to be adaptively secure in the standard model by using the recently introduced dual system encryption methodology. The key generation centre (KGC) with multiple authority keys can combine users' capabilities in a specified manner, and users can decrypt many kinds of ciphertexts. It is easy to apply this methodology to other subclasses of functional encryption with equal security and efficiency, which makes it more appropriate for applications.

Key words: KP-ABE, adaptive security, LMSSS, dual system encryption