Abstract: Based on prime-order bilinear groups, we propose a decentralized multi-authority attribute-based encryption scheme which is proven to be secure in the standard model. Firstly, we construct an attribute-based encryption system with a central authority (CA) and multiple attribute authorities (AAs), where CA is responsible for generating a random value associated with each user’s unique global identifier (GID), and does not participate in any operation related to users’ attributes. Different users will get different random values, thus they cannot obtain any information beyond authority even through collusion. Every attribute authority is responsible for different attributes domain and they are independent of each other. It’s even not necessary to know the existence of each other in the system. In particular, there is no authority that can decrypt a ciphertext alone. Secondly, this scheme can be extended to a decentralized attribute-based encryption with multiple CAs setting, where every CA is also independent of each other, and each user can issue his private key from only one CA. Bringing it into practice under the Charm infrastructure, the results show that the decentralized attribute based encryption schemes are very efficient, whose ciphertexts are of constant size, i.e., regardless of the number of underlying attributes of access control policy or users.

Key words: decentralized, multi-authority attribute-based encryption, ciphertext access control, constant-size ciphertext, collusion resistant