基于理想格的高效密文策略属性基加密方案

已有的基于格的密文策略属性基(CP-ABE)方案只能通过矩阵运算方法进行加解密，加解密效率不高，而效率较高的基于理想格的密钥策略属性基(KP-ABE)方案又存在对各类实际应用场景适应性较差的问题。为解决上述问题，该文利用理想格上的算法生成主密钥和密钥，同时在多项式环上进行运算，极大地提高了加解密效率；通过在原属性集合中添加虚拟属性，方案成功结合访问结构生成密文，同时授权用户可以构建出满足解密条件的子集，从而实现方案的正确解密；还利用单个陷门矩阵生成密钥，有效降低了公共参数和主密钥的数量。最终该文构建了一个基于理想格的支持门限访问结构的高效CP-ABE方案，并证明方案在环上容错学习(R-LWE)假设下是选择性安全的。与现有支持门限访问结构的方案的对比分析表明，该文方案公共参数数量更少、效率更高，且对实际应用场景有更好的适应性。

An Efficient Ciphertext-policy Attribute-based Encryption on Ideal Lattices

The existing Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes from lattices are inefficient while they are performed in matrix operation, and these Key-Policy Attribute-Based Encryption (KP-ABE) schemes from ideal lattices with higher efficiency are inadaptable to most practical application scenarios. To solve these problems, the new scheme generates master keys and secret keys by the algorithms based on ideal lattices and the whole scheme is computed over a polynomial ring, thus its efficiency of encryption and decryption can be greatly improved. The ciphertexts associated with access structure are successfully generated by adding some virtual attributes to the original attribute set. Meanwhile, the authorized user can build a subset based on these virtual attributes for decrypting the scheme correctly. And the secret keys are generated by a single trapdoor matrix, which reduces the number of public parameters and master keys effectively. Finally, an efficient CP-ABE scheme for flexible threshold access structures on ideal lattices is proposed, and its security is reduced to decisional Learning With Errors over Ring (R-LWE) assumption against chosen plaintext attack in the selective security model. Comparative analysis of similar schemes shows that the new scheme has less public parameters and higher efficiency, and gets better adaptability to the practical application scenarios.