Abstract:

Based on the analysis of existing attributebased encryption schemes with attribute revocation, a new attributebased encryption scheme with attribute revocation and key delegation based on policy control is proposed. The arbitrator of scheme can control attribute revocation and key delegation flexibly via two policy table, i.e. table of attribute revocation and table of attribute proxy. By querying the attribute revocation table, the arbitrator refuse to decrypt for the user of which attribute has revoked to achieve the purpose of attribute revocation. When the decryption right is delegated, the key of delegation conversion is sent to the arbitrator. By using of attribute proxy table, the arbitrator decides if the user has the right of delegation, so as to achieve the goal of flexible attribute proxy. The scheme uses a linear secret sharing matrix to construct the access policies in order to support flexible access structure and applies the key division technology to the key distribution. Finally, the correctness and security of proposed scheme are proven.

Key words: attributebased encryption, attribute revocation, proxy encryption, linear secret sharing scheme