策略半隐藏且支持更新的多机构属性加密方案

针对云环境中采用属性基加密机制所引起的隐私泄露和策略更新开销大的问题，提出支持访问策略半隐藏和动态更新的多机构属性基加密方案．该方案采用策略半隐藏方式，将属性分为属性名和属性值两部分，通过对用户的属性值进行隐藏，保护用户的所有属性隐私，避免用户的具体属性值泄露给第三方．另外，方案采用线性秘密共享技术，引入动态策略更新算法，支持与、或、非等任何类型的策略更新，减少传统策略更新中的计算和通信开销．经安全性分析证明，该方案在标准模型下满足选择明文攻击安全．通过与其他方案对比，用户密钥大小、密文大小和解密代价均有所优化，更加适用于云环境中需保护用户隐私及支持策略更新的情况．

Multi-authority attribute-based encryption scheme with policy semi-hidden and dynamic updating

Attribute-Based Encryption (ABE) is a new cryptographic technique which guarantees fine-grained access control of outsourced encrypted data in the cloud. However, privacy revealing and policy updating are the key limitations. Thus, a Multi-Authority attribute-based encryption scheme with policy partially hidden and dynamic updating is proposed. In the scheme, the users' attribute is divided into two parts: the attribute name and the attribute value. The values of the user's attributes are hidden to prevent from revealing to any third parties. In addition, the Linear Secret-Sharing Scheme(LSSS) access structure and policy updating algorithms can support any type of policy updating, and it proves secure against the chosen plaintext attack in the standard model. Compared to the existing related schemes, the size of both users' secret key and ciphertext is reduced, and the lower computing cost makes it more effective in protecting users' attributes and support policy updates.