A practical construction for large universe hierarchical attribute‐based encryption

Abstract

SummaryWe present a practical large universe hierarchical attribute‐based encryption (LU‐HABE) scheme, which supports monotone access structures. In our system, key generation centers (KGCs), any one in which is labeled by a unique identity, are organized as a hierarchical structure. Thus, all secret keys issued by the KGC contain 2 parts: the identity‐related one and the attribute‐related one. Once the data owner wants to encrypt his/her data, he/she needs to specify certain numbers of pairs according to his/her demand. The pair consists of an identity of a KGC and a policy of attributes managed by the corresponding KGC, eg, IDi and (Mi, ρi). If and only if an identity associated with user's secret key is equal to or is an ancestor of one of the identities appearing in ciphertext, and simultaneously a set of attributes belonging to the user satisfies the policy, the user can decrypt it successfully. Our scheme is proved to be selectively secure in the standard model under the modified “q‐type” assumption similar to the ones used in former works and is extended to support online/offline encryption. To show the efficiency of our construction, we implement our original scheme and the extended one in Charm. Analyses show that both of them are very practical.