TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices

LIU Yuan; WANG Licheng; ZHOU Yongbin

doi:10.11999/JEIT240997

Volume 47 Issue 6

Jun. 2025

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2025 > 47(6): 1911-1926

LIU Yuan, WANG Licheng, ZHOU Yongbin. TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices[J]. Journal of Electronics & Information Technology, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997

Citation:

LIU Yuan, WANG Licheng, ZHOU Yongbin. TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices[J]. Journal of Electronics & Information Technology, 2025, 47(6): 1911-1926. doi: 10.11999/JEIT240997

Citation:

PDF( 2996 KB)

TTRC-ABE: Traitor Traceable and Revocable CLWE-based ABE Scheme from Lattices

doi: 10.11999/JEIT240997 cstr: 32379.14.JEIT240997

1.
School of of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China
2.
School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China

Funds: The Defense Industrial Technology Development Program (JCKY2021606B013), The National Natural Science Foundation of China (62302224, 62302226), Yunnan Province Science and Technology Major Project (202302AD080002)

Received Date: 2024-11-07
Rev Recd Date: 2025-04-02

Available Online: 2025-04-23

Publish Date: 2025-06-30

Abstract

Abstract

Objective With the advancement of quantum computing, lattice-based cryptography has emerged as a key approach for constructing post-quantum secure cryptographic primitives due to its inherent resistance to quantum attacks. Among these primitives, lattice-based Attribute-Based Encryption (ABE) is particularly notable for its ability to provide fine-grained access control and flexible authorization, making it suitable for data-sharing applications, such as cloud computing and the Internet of Things (IoT). However, existing lattice-based ABE schemes, especially those based on Learning With Errors (LWE) or Ring-LWE (RLWE), exhibit limitations that hinder their practical deployment. A significant issue is the absence of traitor tracing and revocation mechanisms, which leaves these schemes vulnerable to key abuse, where malicious users can share decryption keys without detection or prevention. Furthermore, the exposure of attribute values in access policies creates a privacy risk, as sensitive user information may be inferred from these values. These limitations undermine the security and privacy of lattice-based ABE systems, limiting their applicability in real-world scenarios where accountability and privacy are critical. To address these challenges, this paper proposes a novel Traitor Traceable and Revocable CLWE-based ABE (TTRC-ABE) scheme, which employs a new variant of LWE called Cyclic Algebra LWE (CLWE). The proposed scheme aims to achieve three key objectives: (1) to introduce an efficient traitor tracing mechanism to identify malicious users and a revocation mechanism to prevent revoked users from decrypting messages; (2) to enhance attribute privacy by concealing attribute values in access policies; and (3) to improve the efficiency of lattice-based ABE schemes, specifically in terms of public key size, ciphertext size, and ciphertext expansion rate. By addressing these critical issues, TTRC-ABE contributes to the advancement of lattice-based cryptography and provides a viable solution for secure, privacy-preserving data sharing in quantum-vulnerable environments. Methods In the TTRC-ABE scheme, each user’s Global IDentity (GID) is bound to the leaf nodes of a complete binary tree. This binding enables the tracing of malicious users by identifying their GIDs embedded in decryption keys. To revoke compromised users, their GIDs are added to a revocation list, and the ciphertext is updated accordingly, ensuring that any revoked user cannot decrypt the message, even if they possess a valid decryption key. Additionally, the traditional one-dimensional attribute structure (attribute value only) is replaced with a two-dimensional structure (attribute label, attribute value). The attribute labels act as public identifiers, while the attribute values remain confidential. This separation allows for the concealment of sensitive attribute values while still enabling effective access control. A semi-access policy structure is combined with an extended Shamir’s secret sharing scheme over cyclic algebra to conceal attribute values in access policies, preventing adversaries from inferring sensitive user information. Furthermore, the proposed scheme utilizes CLWE, a new variant of LWE that offers improved efficiency and security properties. A formal security proof for TTRC-ABE is provided in the standard model. The security of the scheme relies on the hardness of the CLWE problem, which is believed to be resistant to quantum computing attacks. Results and Discussions The proposed TTRC-ABE scheme demonstrates significant improvements over existing lattice-based ABE schemes in terms of functionality, security, and efficiency. The scheme successfully integrates traitor tracing and revocation features, effectively preventing key abuse by identifying malicious users and revoking their access to encrypted data. By adopting a two-dimensional attribute structure and a semi-access policy, the scheme conceals attribute values in access policies, ensuring that sensitive user information remains confidential, even when the access policy is publicly accessible. Performance analysis shows that TTRC-ABE supports traitor tracing and revocation, protects attribute privacy, and is resistant to quantum computing attacks (Table 2). Compared to related lattice-based ABE schemes, TTRC-ABE significantly reduces the public key size, ciphertext size, and average ciphertext expansion rate (Table 3, Figure 7). These improvements enhance the practicality of the scheme for real-world applications, especially in resource-constrained environments. Conclusions This paper presents a novel TTRC-ABE scheme that addresses the limitations of existing lattice-based ABE schemes. By integrating traitor tracing and revocation mechanisms, the scheme effectively prevents key abuse and ensures system integrity. The introduction of a two-dimensional attribute structure and a semi-access policy enhances attribute privacy, safeguarding sensitive user information from leakage. Furthermore, the use of CLWE improves the scheme’s efficiency, reducing public key size, ciphertext size, and ciphertext expansion rate. Security analysis confirms that TTRC-ABE is secure in the standard model, making it a robust solution for post-quantum secure ABE. Future work will focus on extending the scheme to support more complex access policies, such as hierarchical and multi-authority structures, and optimizing its performance for large-scale applications. Additionally, the integration of TTRC-ABE with other cryptographic primitives, such as homomorphic encryption and secure multi-party computation, will be explored to enable more advanced data-sharing scenarios.
- Cyclic Algebra LWE (CLWE),
- Attribute-Based Encryption (ABE),
- Traitor tracing,
- Traitor revocation,
- Privacy preserving

FullText(HTML)

References(45)

References

[1]	SAHAI A and WATERS B. Fuzzy identity-based encryption[C]. The 24th Annual International Conference on Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 2005: 457–473. doi: 10.1007/11426639_27.
[2]	REGEV O. On lattices, learning with errors, random linear codes, and cryptography[C]. The 37th Annual ACM Symposium on Theory of Computing, Baltimore, USA, 2005: 84–93. doi: 10.1145/1060590.1060603.
[3]	LYUBASHEVSKY V, PEIKERT C, and REGEV O. On ideal lattices and learning with errors over rings[C]. 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French, Riviera, 2010: 1–23. doi: 10.1007/978-3-642-13190-5_1.
[4]	ZHANG Ruoqing, HUI L, YU S, et al. A traceable outsourcing CP-ABE scheme with attribute revocation[C]. The 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, Australia, 2017: 363–370. doi: 10.1109/Trustcom/BigDataSE/ICESS.2017.259.
[5]	NING Jianting, CAO Zhenfu, DONG Xiaolei, et al. White-box traceable CP-ABE for cloud storage service: How to catch people leaking their access credentials effectively[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(5): 883–897. doi: 10.1109/TDSC.2016.2608343.
[6]	HAN Dezhi, PAN Nannan, and LI K C. A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(1): 316–327. doi: 10.1109/TDSC.2020.2977646.
[7]	ZHAO Yang, LIU Zhaozhong, AN Jingmin, et al. A traceable and revocable attribute-based encryption scheme based on policy hiding in smart healthcare scenarios[C]. The 17th International Conference on Information Security Practice and Experience, Taipei, China, 2022: 624–639. doi: 10.1007/978-3-031-21280-2_35.
[8]	HE Xu, LI Lixiang, and PENG Haipeng. An enhanced traceable CP-ABE scheme against various types of privilege leakage in cloud storage[J]. Journal of Systems Architecture, 2023, 136: 102833. doi: 10.1016/j.sysarc.2023.102833.
[9]	LIU Xiao, WEI Zhenyang, LI Gaoxiang, et al. An enhanced traceable access control scheme based on multi-authority CP-ABE for cloud-assisted e-health system[J]. Computer Networks, 2024, 254: 110766. doi: 10.1016/j.comnet.2024.110766.
[10]	ZHANG Jiang and ZHANG Zhenfeng. A ciphertext policy attribute-based encryption scheme without pairings[C]. The 7th International Conference on Information Security and Cryptology, Beijing, China, 2011: 324–340. doi: 10.1007/978-3-642-34704-7_23.
[11]	ZHANG Jiang, ZHANG Zhenfeng, and GE Aijun. Ciphertext policy attribute-based encryption from lattices[C]. The 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Korea, 2012: 16–17. doi: 10.1145/2414456.2414464.
[12]	AGRAWAL S, BOYEN X, VAIKUNTANATHAN V, et al. Functional encryption for threshold functions (or fuzzy IBE) from lattices[C]. The 15th International Conference on Practice and Theory in Public Key Cryptography, Darmstadt, Germany, 2012: 280–297. doi: 10.1007/978-3-642-30057-8_17.
[13]	BOYEN X. Attribute-based functional encryption on lattices[C]. The 10th Theory of Cryptography Conference on Theory of Cryptography, Tokyo, Japan, 2013: 122–142. doi: 10.1007/978-3-642-36594-2_8.
[14]	LIU Ximeng, MA Jiangeng, XIONG Jinbo, et al. Threshold attribute-based encryption with attribute hierarchy for lattices in the standard model[J]. IET Information Security, 2014, 8(4): 217–223. doi: 10.1049/iet-ifs.2013.0111.
[15]	GORBUNOV S, VAIKUNTANATHAN V, and WEE H. Attribute-based encryption for circuits[C]. The 45th Annual ACM symposium on Theory of Computing, Palo Alto, USA, 2013: 545–554. doi: 10.1145/2488608.2488677.
[16]	ZHAO Jian, GAO Haiying, and ZHANG Junqi. Attribute-based encryption for circuits on lattices[J]. Tsinghua Science and Technology, 2014, 19(5): 463–469. doi: 10.3969/j.issn.1007-0214.2014.05.005.
[17]	BONEH D, GENTRY C, GORBUNOV S, et al. Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuit[C]. The 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, 2014: 533–556. doi: 10.1007/978-3-642-55220-5_30.
[18]	ZHU Weiling, YU Jianping, WANG Ting, et al. Efficient attribute-based encryption from R-LWE[J]. Chinese Journal of Electronics, 2014, 23(4): 778–782. doi: 10.23919/CJE.2014.10851999.
[19]	GORBUNOV S and VINAYAGAMURTHY D. Riding on asymmetry: Efficient ABE for branching programs[C]. The 21st International Conference on Advances in Cryptology, Auckland, New Zealand, 2015: 550–574. doi: 10.1007/978-3-662-48797-6_23.
[20]	吴立强, 杨晓元, 韩益亮. 基于理想格的高效模糊身份加密方案[J]. 计算机学报, 2015, 38(4): 775–782. doi: 10.3724/SP.J.1016.2015.00775. WU Liqiang, YANG Xiaoyuan, and HAN Yiliang. An efficient FIBE scheme based on ideal lattices[J]. Chinese Journal of Computers, 2015, 38(4): 775–782. doi: 10.3724/SP.J.1016.2015.00775.
[21]	ZHANG Guoyan, QIN Jing, and QAZI S. Multi-authority attribute-based encryption scheme from lattices[J]. Journal of Universal Computer Science, 2015, 21(3): 483–501. doi: 10.3217/jucs-021-03-0483.
[22]	BRAKERSKI Z and VAIKUNTANATHAN V. Circuit-ABE from LWE: Unbounded attributes and semi-adaptive security[C]. The 36th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 2016: 363–384. doi: 10.1007/978-3-662-53015-3_13.
[23]	孙泽栋, 祝跃飞, 顾纯祥, 等. 基于RLWE的密钥策略属性加密体制[J]. 通信学报, 2016, 37(S1): 125–131. doi: 10.11959/j.issn.1000-436x.2016258. SUN Zedong, ZHU Yuefei, GU Chunxiang, et al. RLWE-based key-policy ABE scheme[J]. Journal on Communications, 2016, 37(S1): 125–131. doi: 10.11959/j.issn.1000-436x.2016258.
[24]	DAI Wei, DORÖZ Y, POLYAKOV Y, et al. Implementation and evaluation of a lattice-based key-policy ABE scheme[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(5): 1169–1184. doi: 10.1109/TIFS.2017.2779427.
[25]	闫玺玺, 刘媛, 李子臣, 等. 新的格上多机构属性基加密方案[J]. 电子与信息学报, 2018, 40(4): 811–817. doi: 10.11999/JEIT170628. YAN Xixi, LIU Yuan, LI Zichen, et al. New multi-authority attribute-based encryption scheme on lattices[J]. Journal of Electronics & Information Technology, 2018, 40(4): 811–817. doi: 10.11999/JEIT170628.
[26]	GÜR K D, POLYAKOV Y, ROHLOFF K, et al. Practical applications of improved Gaussian sampling for trapdoor lattices[J]. IEEE Transactions on Computers, 2019, 68(4): 570–584. doi: 10.1109/TC.2018.2874479.
[27]	TSABARY R. Fully secure attribute-based encryption for t-CNF from LWE[C]. The 39th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, USA, 2019: 62–85. doi: 10.1007/978-3-030-26948-7_3.
[28]	WANG Geng, LIU Zhen, and GU Dawu. Ciphertext policy attribute-based encryption for circuits from LWE assumption[C]. The 21st International Conference on Information and Communications Security, Beijing, China, 2019: 278–396. doi: 10.1007/978-3-030-41579-2_22.
[29]	LIU Yuan, WANG Licheng, LI Lixiang, et al. Secure and efficient multi-authority attribute-based encryption scheme from lattices[J]. IEEE Access, 2019, 7: 3665–3674. doi: 10.1109/ACCESS.2018.2888850.
[30]	ARRAWAL S and YAMADA S. Optimal broadcast encryption from pairings and LWE[C]. The 39th Annual International Conference on Advances in Cryptology, Zagreb, Croatia, 2020: 13–43. doi: 10.1007/978-3-030-45721-1_2.
[31]	LIU Yuan, WANG Licheng, SHEN Xiaoying, et al. Space-efficient key-policy attribute-based encryption from lattices and two-dimensional attributes[J]. Security and Communication Networks, 2020, 2020: 2345369. doi: 10.1155/2020/2345369.
[32]	ZHAO Siyu, JIANG Rui, and BHARGAVA B. RL-ABE: A revocable lattice attribute based encryption scheme based on R-LWE problem in cloud storage[J]. IEEE Transactions on Services Computing, 2022, 15(2): 1026–1035. doi: 10.1109/TSC.2020.2973256.
[33]	DATTA P, KOMARGODSKI I, and WATERS B. Decentralized multi-authority ABE for DNFs from LWE[C]. The 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 2021: 177–209. doi: 10.1007/978-3-030-77870-5_7.
[34]	WATERS B, WEE H, and WU D J. Multi-authority ABE from lattices without random oracles[C]. The 20th International Conference on Theory of Cryptography, Chicago, USA, 2022: 651–679. doi: 10.1007/978-3-031-22318-1_23.
[35]	WEE H. Optimal broadcast encryption and CP-ABE from evasive lattice assumptions[C]. The 4lst Annual international Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, 2022: 217–241. doi: 10.1007/978-3-031-07085-3_8.
[36]	LUO Fucai, AL-KUWARI S, WANG Haiyan, et al. Revocable attribute-based encryption from standard lattices[J]. Computer Standards & Interfaces, 2023, 84: 103698. doi: 10.1016/j.csi.2022.103698.
[37]	HUANG Boxue, GAO Juntao, and LI Xuelian. Efficient lattice-based revocable attribute-based encryption against decryption key exposure for cloud file sharing[J]. Journal of Cloud Computing, 2023, 12(1): 37. doi: 10.1186/s13677-023-00414-w.
[38]	AGRAWAL S, KUMARI S, and YAMADA S. Attribute based encryption for Turing machines from lattices[C]. The 44th Annual International Cryptology Conference, Santa Barbara, CA, USA, 2024: 352–386. doi: 10.1007/978-3-031-68382-4_11.
[39]	XIE Shuwei, ZHANG Leyou, WU Qing, et al. Flexibly expressive and revocable multi-authority KP-ABE scheme from RLWE for internet of medical things[J]. Journal of Systems Architecture, 2024, 152: 103179. doi: 10.1016/j.sysarc.2024.103179.
[40]	GROVER C, MENDELSOHN A, LING C, et al. Non-commutative ring learning with errors from cyclic algebras[J]. Journal of Cryptology, 2022, 35(3): 22. doi: 10.1007/s00145-022-09430-6.
[41]	MENDELSOHN A and LING Cong. Fractional non-norm elements for division algebras, and an application to cyclic learning with errors[J]. Advances in Mathematics of Communications, 2024, 18(2): 410–424. doi: 10.3934/amc.2023043.
[42]	LANGLOIS A and STEHLÉ D. Worst-case to average-case reductions for module lattices[J]. Designs, Codes and Cryptography, 2015, 75(3): 565–599. doi: 10.1007/s10623-014-9938-4.
[43]	ZHAO Puning and LAI Lifeng. Minimax optimal Q learning with nearest neighbors[J]. IEEE Transactions on Information Theory, 2025, 71(2): 1300–1322. doi: 10.1109/TIT.2024.3522347.
[44]	ZHANG Pengfei, CHENG Xiang, SU Sen, et al. Effective truth discovery under local differential privacy by leveraging noise-aware probabilistic estimation and fusion[J]. Knowledge-Based Systems, 2023, 261: 110213. doi: 10.1016/j.knosys.2022.110213.
[45]	FENG Jun, WU Yefan, SUN Hong, et al. Panther: Practical secure two-party neural network inference[J]. IEEE Transactions on Information Forensics and Security, 2025, 20: 1149–1162. doi: 10.1109/TIFS.2025.3526063.