CP-IPFE: Ciphertext-Policy Based Inner Product Functional Encryption
Haoxuan Yang, Changgen Peng
Abstract
Access control schemes in predicate encryption can effectively reduce the risk of information leakage in the inner product function encryption (IPFE). However, when we try to transition from identity-based IPFE to attribute-based IPFE, the fine-grained nature of attributes induces some unprecedented access control problems. These problems not only lead to incorrect inner product computation results from attribute-based IPFE but also inevitable passive information leakage induced by large attribute set secret key. At the same time, since the above problems are not common in identity-based IPFE and traditional ABEs, they cannot be properly addressed by existing schemes. To address the above problems, we introduce a new scheme - Ciphertext Policy Based Inner Product Function Encryption (CP-IPFE). In this scheme, we propose to use a "label vector" to label the attributes of n-dimensional vectors and encode them onto the relevant information, so as to ensure that the attribute-based IPFE will not output incorrect inner-product computation results; establishing a leaf node set-based "reverse access control policy" to realize reverse access control on "risky ciphertext", ensures that "risky ciphertext" will not be leaked encrypted-information by the secret key of large attribute sets. In addition, CP-IPFE also has the characteristics of traditional attribute encryption and supports more fine-grained access control. Finally, we prove the CPA security of the CP-IPFE in the GGM model and show a detailed application of the CP-IPFE on a general-purpose platform.