Abstract:
Functional encryption opens up a much larger world of possibilities for sharing encrypted data. It is sufficient for many emerging applications. Some recent work aimed at constructing different types of fine-grained encryption systems which could be cast in the framework of functional encryption,such as IBE,ABE,PE,but they only focused on the systems that supported single-authority-key functionality. We extend functional encryption to multiple-authority-key functional encryption,which can provide more sophisticated and flexible functionality. This system allows an encryptor to specify a policy and a capability by describing what users can learn from the ciphertext. The policies are similar to what were defined in the previous systems and the capabilities are expressed as different kinds of authority keys. This paper gives a security model for a class of multiple-authority-key functional encryption, multiple-authority-key KP-ABE. A new KP-ABE scheme,which supports functionalities taken in multiple authority keys,is proposed in the given security model. Our techniques allow for any attribute access the structure expressed by a linear multi-secret sharing scheme (LMSSS) matrix M. Based on the assumption of DBDH,this scheme is proven to be selectively secure in the standard model under chosen plaintext attack. It is easy to derive the single-authority-key scheme from the multiple-authority-key scheme and construct fine-grained tree-access structure. The computational cost of our scheme is equal to the single-authority-key scheme,which makes it more appropriate in many practical applications.