TTRC-ABE:可追踪可撤销的基于循环代数带误差学习问题的格基属性加密方案

Translated title of the contribution: TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices
  • Yuan Liu
  • Licheng Wang*
  • Yongbin Zhou

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

Abstract

Objective: With the advancement of quantum computing, lattice-based cryptography has emerged as a key approach for constructing post-quantum secure cryptographic primitives due to its inherent resistance to quantum attacks. Among these primitives, lattice-based Attribute-Based Encryption (ABE) is particularly notable for its ability to provide fine-grained access control and flexible authorization, making it suitable for data-sharing applications, such as cloud computing and the Internet of Things (IoT). However, existing lattice-based ABE schemes, especially those based on Learning With Errors (LWE) or Ring-LWE (RLWE), exhibit limitations that hinder their practical deployment. A significant issue is the absence of traitor tracing and revocation mechanisms, which leaves these schemes vulnerable to key abuse, where malicious users can share decryption keys without detection or prevention. Furthermore, the exposure of attribute values in access policies creates a privacy risk, as sensitive user information may be inferred from these values. These limitations undermine the security and privacy of lattice-based ABE systems, limiting their applicability in real-world scenarios where accountability and privacy are critical. To address these challenges, this paper proposes a novel Traitor Traceable and Revocable CLWE-based ABE (TTRC-ABE) scheme, which employs a new variant of LWE called Cyclic Algebra LWE (CLWE). The proposed scheme aims to achieve three key objectives: (1) to introduce an efficient traitor tracing mechanism to identify malicious users and a revocation mechanism to prevent revoked users from decrypting messages; (2) to enhance attribute privacy by concealing attribute values in access policies; and (3) to improve the efficiency of lattice-based ABE schemes, specifically in terms of public key size, ciphertext size, and ciphertext expansion rate. By addressing these critical issues, TTRC-ABE contributes to the advancement of lattice-based cryptography and provides a viable solution for secure, privacy-preserving data sharing in quantum-vulnerable environments.

Methods: In the TTRC-ABE scheme, each user’s Global IDentity (GID) is bound to the leaf nodes of a complete binary tree. This binding enables the tracing of malicious users by identifying their GIDs embedded in decryption keys. To revoke compromised users, their GIDs are added to a revocation list, and the ciphertext is updated accordingly, ensuring that any revoked user cannot decrypt the message, even if they possess a valid decryption key. Additionally, the traditional one-dimensional attribute structure (attribute value only) is replaced with a two-dimensional structure (attribute label, attribute value). The attribute labels act as public identifiers, while the attribute values remain confidential. This separation allows for the concealment of sensitive attribute values while still enabling effective access control. A semi-access policy structure is combined with an extended Shamir’s secret sharing scheme over cyclic algebra to conceal attribute values in access policies, preventing adversaries from inferring sensitive user information. Furthermore, the proposed scheme utilizes CLWE, a new variant of LWE that offers improved efficiency and security properties. A formal security proof for TTRC-ABE is provided in the standard model. The security of the scheme relies on the hardness of the CLWE problem, which is believed to be resistant to quantum computing attacks.

Results and Discussions: The proposed TTRC-ABE scheme demonstrates significant improvements over existing lattice-based ABE schemes in terms of functionality, security, and efficiency. The scheme successfully integrates traitor tracing and revocation features, effectively preventing key abuse by identifying malicious users and revoking their access to encrypted data. By adopting a two-dimensional attribute structure and a semi-access policy, the scheme conceals attribute values in access policies, ensuring that sensitive user information remains confidential, even when the access policy is publicly accessible. Performance analysis shows that TTRC-ABE supports traitor tracing and revocation, protects attribute privacy, and is resistant to quantum computing attacks (Table 2). Compared to related lattice-based ABE schemes, TTRC-ABE significantly reduces the public key size, ciphertext size, and average ciphertext expansion rate (Table 3, Figure 7). These improvements enhance the practicality of the scheme for real-world applications, especially in resource-constrained environments.

Conclusions: This paper presents a novel TTRC-ABE scheme that addresses the limitations of existing lattice-based ABE schemes. By integrating traitor tracing and revocation mechanisms, the scheme effectively prevents key abuse and ensures system integrity. The introduction of a two-dimensional attribute structure and a semi-access policy enhances attribute privacy, safeguarding sensitive user information from leakage. Furthermore, the use of CLWE improves the scheme’s efficiency, reducing public key size, ciphertext size, and ciphertext expansion rate. Security analysis confirms that TTRC-ABE is secure in the standard model, making it a robust solution for post-quantum secure ABE. Future work will focus on extending the scheme to support more complex access policies, such as hierarchical and multi-authority structures, and optimizing its performance for large-scale applications. Additionally, the integration of TTRC-ABE with other cryptographic primitives, such as homomorphic encryption and secure multi-party computation, will be explored to enable more advanced data-sharing scenarios.

Original language: Chinese (Traditional)
Pages (from-to): 1911-1926
Number of pages: 16
Journal: Dianzi Yu Xinxi Xuebao/Journal of Electronics and Information Technology
Volume: 47
Issue number: 6
Publication status: Published - Jun 2025
Externally published: Yes
