The Journal of China Universities of Posts and Telecommunications ›› 2021, Vol. 28 ›› Issue (6): 13-25.doi: 10.19682/j.cnki.1005-8885.2021.1021

Previous Articles     Next Articles

Fine-grained cooperative access control scheme with hidden policies


  1. 1. School of Cyberspace Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China
    2. National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China
  • Received:2021-07-31 Revised:2021-10-07 Online:2021-12-30 Published:2021-12-30
  • Supported by:
    the National Natural Science Foundation of China (62072369, 62072371, 61772418), the Innovation Capability Support Program of Shaanxi (2020KJXX- 052), the Shaanxi Special Support Program Youth Top-notch Talent Program, the Key Research and Development Program of Shaanxi (2020ZDLGY08-04, 2021ZDLGY06-02), the Natural Science Basic Research Program of Shaanxi (2021JQ-722)


The traditional ciphertext policy attribute-based encryption (CP-ABE) has two problems:one is that the access policy must be embedded in the ciphertext and sent, which leads to the disclosure of user爷 s privacy information, the other is that it does not support collaborative decryption, which cannot meet the actual demand of conditional collaborative decryption among multiple users. In order to deal with the above two problems at the same time, a fine-grained cooperative access control scheme with hidden policies (FCAC-HP) is proposed based on the existing CP-ABE schemes combined with blockchain technology. In FCAC-HP scheme, users are grouped by group identifier so that only users within the same group can cooperate. In the data encryption stage, the access policy is encrypted and then embedded in the ciphertext to protect the privacy information of the access policy. In the data access stage, the anonymous attribute matching technology is introduced so that only matched users can decrypt ciphertext data to improve the efficiency of the system. In this process, a smart contract is used to execute the
verification algorithm to ensure the credibility of the results. In terms of security, FCAC-HP scheme is based on the prime subgroup discriminative assumption and is proved to be indistinguishable under chosen plaintext attack (CPA) by dual system encryption technology. Experimental verification and analysis show that FCAC-HP scheme improves computational efficiency while implementing complex functions.

Key words: attribute-based encryption, hidden policy, group collaboration, blockchain

CLC Number: