Free global ID against collusion attack on multi-authority attribute-based encryption


Correspondence: Ang Gao, Institute of Computer Software and Theory, Xian Jiaotong University, No. 28 Xianning West Road, Xi'an, Shaanxi, 710049, China.



In order to resolve the problem that collusion attack on attribute-based encryption (ABE) with multi-authority, we firstly formulize user action of making request for key into legality and collusion by the relationship between user's attributes and decryption threshold. Furthermore, we propose an ABE scheme without presenting user's global ID (GID). In our first system, a trusted central authority assists each attribute authority (AA) to independently run a security check for users' requests, such that only legal users have power to decrypt a message. In order to prevent a malicious user from passing security check by submitting duplication request to AA, we improve the first system by our second system, where the same requests of different users are transformed into different ones associated with the subset of attributes indexes. Finally, in order to adapt this transformation to ABE, discrete Fourier transform and inverse discrete Fourier transform are used to share and recover secret key, respectively. As shown in the results of security and performance evaluation, our scheme not only improves user's privacy but also is more efficient than existing ABE schemes. Copyright © 2013 John Wiley & Sons, Ltd.