支持属性撤销的可验证外包的多授权属性加密方案

针对云存储中基于多授权属性加密（MA-ABE）访问控制方案存在数据使用者解密开销大，同时缺乏有效属性撤销的问题，提出了一种支持属性撤销的可验证外包的多授权属性加密方案。首先，利用可验证外包技术，降低数据使用者的解密开销，同时验证数据的完整性。然后，利用双线性映射保护访问策略，防止数据拥有者身份泄露。最后，利用每个属性的版本密钥实现立即的属性撤销。安全性分析表明所提方案在标准模型中判定性的q双线性Diffie-Hellman指数假设下是安全的，同时满足了前向安全性和抗合谋攻击。性能分析表明所提方案在功能性和计算开销两方面都具有较好的优势，因此所提方案更适用于云存储下多授权属性加密环境。

Attribute revocation and verifiable outsourcing supported multi-authority attribute-based encryption scheme

Focusing on the large decryption overhead of the data user and the lack of effective attribute revocation of the Multi-Authority Attribute-Based Encryption (MA-ABE) access control scheme in cloud storage, an attribute revocation and verifiable outsourcing supported multi-authority attribute-based encryption scheme was proposed. Firstly, the data user's decryption overhead was markedly reduced and the integrity of the data was verified by using verifiable outsourcing technology. Then, the bilinear mapping was used to protect the access policy, preventing the identity of the data owner from leaking. Finally, the version key of each attribute was used to realize the immediate attribute revocation. The security analysis shows that the proposed scheme is safe under the decisional q-bilinear Diffie-Hellman exponent assumption in the standard model, achieves forward security and is able to resist collusion attack. The performance analysis shows that the proposed scheme has great advantages in terms of functionality and computational cost. Therefore, this scheme is more suitable for multi-authority attribute-based encryption environment in cloud storage.