Ciphertext-policy attribute-based encryption (CP- ABE) is widely used in many cyber physical systems and the Internet of things for guaranteeing information security. In order to improve the performance and efficiency of CP-ABE, this paper makes a change to the access structure of describing access polices in CP-ABE, and presents a new CP-ABE system based on the ordered binary decision diagram (OBDD). The new system makes full use of both the powerful description ability and the high calculating efficiency of OBDD. First, in the access structure, the new system allows multiple occurrences of the same attribute in a strategy, supports both positive attribute and negative attribute in the description of access polices, and can describe free-form access polices by using Boolean operations. Second, in the key generation stage, the size of secret keys generated by the new system is constant and not affected by the number of attributes; furthermore, time complexity of the key generation algorithm is O(1). Thirdly, in the encryption stage, both the time complexity of the encryption algorithm and the size of generated ciphertext are determined by the number of valid paths contained in the OBDD instead of the number of attributes occurring in access polices. Finally, in the decryption stage, the new system supports fast decryption and the time complexity of the decryption algorithm is only O(1). As a result, compared with existing CP-ABE schemes, the new system has better performance and efficiency. It is proved that the new CP-ABE system can also resist collision attack and chosen-plaintext attack under the decisional bilinear Diffie-Hellman assumption.

• 出版日期2017
• 单位桂林电子科技大学