Privacy-Improving Multi-Authority Ciphertext- Policy Attribute-Based Encryption With Internal Fraud Attack Resistance Based on Blockchain

Zhang, Zhaoqian and Gong, Bei and Fan, Xin and Yuan, Yilin and Yang, Fan and Meng, Weizhi and Zhu, Qiang (2025) Privacy-Improving Multi-Authority Ciphertext- Policy Attribute-Based Encryption With Internal Fraud Attack Resistance Based on Blockchain. IEEE Transactions on Network Science and Engineering. pp. 1-22. ISSN 2327-4697

Text (TNSE-2025-03-0590_Proof_hi)
TNSE-2025-03-0590_Proof_hi.pdf - Accepted Version
Download (2MB)

Abstract

Multi-Authority Ciphertext-Policy Attribute-Based Encryption (MACP-ABE), an extension of CP-ABE, is a promising cryptographic mechanism for protecting data confidentiality and is widely adopted due to its enhanced scalability. However, MACP-ABE suffers from attribute privacy leakage and internal fraud attacks. Specifically, compromised authorities can collude to collect user's attributes exposing sensitive personal characteristics, and the collusion between authorities and malicious insiders can lead to unauthorized data access. To protect user privacy, previous researches adopted the Anonymous Credential System, which is centralized and reduces the reliability of the scheme. Moreover, they fail to consider the internal fraud attacks. In this paper, we propose the first privacy-improving MACP-ABE scheme capable of resisting internal fraud attacks. First, we use smart contracts to perform anonymous and credible identity authentication. We allow users to participate with pseudonyms, ensuring that the traceability of any pseudonym cannot be linked to a specific user. Furthermore, we present a blockchain-based anonymous key distribution protocol, where the key issuing process is recorded and verified by the blockchain. This ensures that malicious insiders and corrupt authorities cannot bypass the blockchain to perform spurious key distribution. Rigorous security analysis proves that our scheme can resist chosen plaintext attacks, internal fraud attacks and user collusion attacks. Experimental results show that, compared to state-of-the-art schemes, our scheme achieves comparable storage and computational efficiency in core algorithms while reducing the communication cost of anonymous key distribution by approximately 12.6% and computation cost by around 21.4%. Blockchain experiments reveal that, with balanced throughput and latency, the user initialization latency for 20 attributes is about 680 ms, the anonymous authentication latency is around 720 ms, and the overall latency of anonymous key distribution increases by around 26.7%, which remains within an acceptable range for real-world applications, given the significant security enhancements.