Fully Verifiable Ciphertext-Policy Attribute-Based Encryption
摘要
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a powerful cryptographic mechanism that enables fine-grained access control, making it widely used for secure data management and sharing in cloud environments. However, no existing CP-ABE scheme provides an efficient and comprehensive solution for verifying both key generation and encryption correctness, leaving errors or malicious behavior undetectable. Such vulnerabilities may result in unauthorized access and compromise the reliability and security of the system. In this work, we propose the first Fully Verifiable CP-ABE scheme, introducing mechanisms to verify the correctness of both key generation and encryption outputs. Our approach leverages pairing-based cryptography to allow users to confirm that their private keys correspond to their assigned attributes while enabling public verification that ciphertexts accurately reflect the intended access policies. By introducing verification mechanisms for both the user’s private key and ciphertext, our scheme not only ensures that CP-ABE functions as intended, but also significantly enhances system security, accountability, and reliability. Moreover, our construction preserves the efficiency, expressiveness, and security guarantees of the underlying CP-ABE scheme, making it well-suited for real-world applications that require both correctness and efficiency.