Abstract: Attribute encryption scheme is extremely suitable for data access control in cloud storage environment, but the security problem of user private key is still a very challenging problem, which affects the practical application of attribute encryption. Aiming at this problem, the paper proposes a ciphertext-policy attribute encryption scheme based on homomorphic encryption. The attribute authorization center and the cloud service center have secret coordinates containing the private key information of the respective systems. The two use the secret coordinates of each to perform the secret calculation of the two-point and one-line slope to interactively generate the user private key. The analysis results show that the proposed scheme greatly reduces the number of communication interactions required to generate the user key while eliminating the single key generation mechanism, thereby reducing the risk of secret information leakage during the interaction process.

Key words: homomorphic encryption, access control, ciphertext strategy, attribute encryption

摘要： 属性加密方案极其适用于云存储环境下的数据访问控制，但用户私钥的安全问题仍然是一个极具挑战的问题，影响了属性加密的实际运用。针对该问题，提出一种基于同态加密的密文策略属性加密方案，属性授权中心和云服务中心拥有包含各自系统私钥信息的秘密坐标，两者利用各自秘密坐标进行保密计算两点一线斜率的方式来交互生成用户私钥。分析结果表明，所提方案在消除单密钥生成机构的同时极大地降低了生成用户密钥所需的通信交互次数，从而降低了交互过程中秘密信息泄露的风险。

关键词: 同态加密, 访问控制, 密文策略, 属性加密