Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability

Abstract

Traceable multi-authority ciphertext-policy attribute-based encryption (CP-ABE) is a practical encryption method that can achieve user traceability and fine-grained access control simultaneously. However, existing traceable multi-authority CP-ABE schemes have two main limitations that prevent them from practical applications. First, these schemes only support small universe: the attributes must be fixed at system setup and the attribute space is restricted to polynomial size. Second, the schemes are either less expressive (the access policy is limited to “AND gates with wildcard) or inefficient (the system is constructed in composite order bilinear groups). To address these limitations, we present a traceable large universe multi-authority CP-ABE scheme, and further prove that it is statically secure in the random oracle model. Compared with existing traceable multi-authority CP-ABE schemes, the proposed scheme has four advantages. First, the attributes are not fixed at setup and the attribute universe is not bounded to polynomial size. Second, the ciphertext polices can be expressed as any monotone access structures. Third, the proposed scheme is constructed in prime order groups, which makes this scheme more efficient than those in composite order bilinear groups. Finally, the proposed scheme requires neither a central authority nor an identity table for tracing.