在這發展快速的互聯網時代中，數據傳輸遭受身份認證不足的困擾，從而導致了機密數據洩漏。幸運的是，基於屬性的加密方案被提出，該方案被認為能有效的確保數據在公開環境下傳輸的安全性，並且提供數據細粒度共享的解決方案。
然而現存的ABE方案在密文解密時，往往是透過比對使用者屬性與訪問策略上的葉節點是否相等或不相等，這意味著越是複雜的訪問策略往往隱含著更大的儲存成本，然而這對於計算能力和儲存能力有限的網路終端設備，無疑是一個巨大的負擔，幸運的是隨著雲服務的崛起，能一定程度的降低資料傳輸在計算與儲存上的成本。近期Lu等人進一步提出了一種新型態的屬性加密機制，用來降低複雜訪問策略所帶來的儲存負擔，在該機制中，改進了原先訪問策略的樹節點為單一屬性的特性，將葉節點轉換為以集合為單位，因此可以有效的改善訪問策略的大小，原因在於過度細化的訪問結構，往往會使得訪問策略的過度膨脹，不幸的是，我們發現Lu等人所提出的機制無法完全達到所論述的觀點，為此我們設計了一種新的機制來確保集合之間的比較。另外，在真實的環境中系統會視情況取消使用者的訪問權限，這也使得Lu等人的機制在現實應用場景中顯得不那麼靈活，針對以上觀點，我們在兩種機制中都加入了可撤銷性，透過嵌入一份撤銷清單到機制中，用來確保被撤銷的使用者無法正確對密文進行解密，也增強了機制的可靠性。在本文中，我們根據所提出的密碼機制定義了能有效解決上述問題的系統模型，並通過形式分析，訂定了該系統的安全性，最後我們在指定的難問題下證明了我們所提出的機制滿足選擇明文攻擊的要求，也透過q-decisional MEDBH假設確保了此機制的可撤銷性。

In this rapidly evolving era of the Internet, insufficient authentication of data transfers creates the risk of confidential data leakage. Attribute-based encryption (ABE) offers a solution for secure data transmission and fine-grained sharing. However, existing ABE schemes incur high
storage costs when decrypting ciphertext due to complex access structure. Lu proposed an attribute encryption mechanism to address the storage burden, unfortunately, we found that the
mechanism proposed by them cannot fully achieve the point they discussed. To address this, we designed a new mechanism for set comparisons, we also add the user revocation function
into both mechanisms to enhance reliability. In this paper, we define a system model that can effectively solve the above problems according to the proposed cryptographic mechanism
and determine the security of the system through formal analysis. Finally, we prove that our proposed mechanism meets the requirement of a chosen plaintext attack under the specified difficult problem, and the revocability of this mechanism is also ensured through the 𝑞-decisional MEDBH assumption.

Policy-driven Data Sharing over Attribute-Based Encryption supporting Dual Membership.

Revocation Systems with Very Small Private Keys.

Ciphertext-Policy Attribute-Based Broadcast Encryption with Small Keys.

Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization.

Ciphertext-Policy Attribute-Based Encryption.

Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage.

Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts.

Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption.

Multi-authority Attribute Based Encryption.

Improving Privacy and Security in Multi-Authority Attribute-Based Encryption.

Multi-authority attribute-based encryption with honest-but-curious central authority.

Efficient attribute-based encryption with attribute revocation for assured data deletion.

An Efficient Attribute-Based Encryption Scheme With Policy Update and File Update in Cloud Computing.

Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization.

Attribute-Based Encryption with Non-Monotonic Access Structures.

Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption.

Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage.

An Overview on Edge Computing Research.

Supporting Non-membership Proofs with Bilinear-map Accumulators.

Attribute-Based Encryption Optimized for Cloud Computing.

Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems.

Ciphertext-Policy Attribute-Based Broadcast Encryption with Small Keys.

Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage.

New directly revocable attribute-based encryption scheme and its application in cloud storage environment.

Revocation and Tracing Schemes for Stateless Receivers