Efficient attribute-based encryption with blackbox traceability
Traitor tracing scheme can be used to identify a decryption key is illegally used in public-key encryption. In CCS'13, Liu et al. proposed an attribute-based traitor tracing (ABTT) scheme with blackbox traceability which can trace decryption keys embedded in a decryption blackbox/device rather than tracing a well-formed decryption key. However, the existing ABTT schemes with blackbox traceability are based on composite order group and the size of the decryption key depends on the policies and the number of system users. In this paper, we revisit blackbox ABTT and introduce a new primitive called attribute-based set encryption (ABSE) based on key-policy ABE (KP-ABE) and identity-based set encryption (IBSE), which allows aggregation of multiple related policies and reduce the decryption key size in ABTT to be irrelevant to the number of system users. We present a generic construction of the ABTT scheme from our proposed ABSE scheme and fingerprint code based on the Boneh-Naor paradigm in CCS'08. We then give a concrete construction of the ABSE scheme which can be proven secure in the random oracle model under the decisional BDH assumption and a variant of q-BDHE assumption.