新的格上多机构属性基加密方案

针对基于双线性映射的属性基加密方案中无法抵抗量子攻击的问题，该文提出一种新的格上多机构属性基加密方案。先利用格上左抽样算法为用户生成密钥，使得用户私钥尺寸与级联矩阵的列数和用户属性个数相关，缩短用户私钥尺寸；然后采用Shamir门限秘密共享技术构造访问树，实现属性的与、或、门限3种操作，密文允许基于任意的访问结构生成，表达能力更加丰富，解决了大多方案中访问策略单一问题；方案证明可在标准模型下归约到判定性带误差学习问题的难解性。对比分析表明，方案系统公私钥、用户私钥和密文尺寸均有所优化，并较优于大多数单机构方案，此外方案存在多个属性机构，支持任意单调访问结构，安全性和实用性更满足云环境需求。

New Multi-authority Attribute-based Encryption Scheme on Lattices

To resolve the problem of poor security on quantum attack in attribute-based encryption over the bilinear maps, a new multi-authority attribute-based encryption scheme on lattices is proposed. Firstly, the SamepleLeft algorithm was used to extract the users private key, so it can reduce the size of private key which is related to the dimensions of concatenation matrix and the quantity of users attributes. Secondly, aiming at the problem of single access policy, the new scheme employed the Shamir secret sharing scheme which is used to construct an access tree to realized AND, OR, THRESHOLD operations on attributes, so the ciphertext can be generated by any access structure, and the expressive skill of access policy is more extensive. Lastly, the security of the proposed scheme could reduce to the hardness of decisional learning with errors problem under standard model. Comparative analysis shows that, the size of public parameters, master secret key, users private key and ciphertext are all optimized, and it has better performance than single authority schemes in some degree. Furthermore, from perspective of security and practicability, the new multi-authority attribute-based encryption scheme is more suitable for the demand of cloud environment.