Key-Policy Attribute-Based Encryption Based on SM9

Attribute-based encryption (ABE) is a type of encryption derived from identity-based encryption, implementing access control over encrypted data based on attributes rather than on specific identities. SM9 is the chinese national standard for identity-based cryptography. This paper presents two novel key-policy attribute-based encryption (KP-ABE) designs based on SM9. The first scheme operates in a small attribute universe, while the second scheme caters to a large universe where the size of public parameters is only proportional to the maximum number of attributes used for encryption. Both schemes have similar private-key/ciphertext structure as the original SM9 identity-based encryption algorithm, enabling effective integration into information systems built on SM9. Further, both schemes are selectively secure under the (f, g)-GDDHE assumption. Extensive experiments show that both schemes are comparable with other classical KP-ABE schemes, in terms of the communication and computational costs. We believe the proposed schemes will expedite the implementation of SM9 in distributed computing systems such as cloud computing and blockchain.