On Efficiently Transferring the Linear Secret-Sharing Scheme Matrix in Ciphertext-Policy Attribute-Based Encryption
Ciphertext-Policy Attribute-Based Encryption(CP-ABE) is a system for realizing complex access control on encrypted data, in which attributes are used to describe a user's credentials and a party encrypting data determines a policy over attributes for who can decrypt. In CP-ABE schemes, access policy is attached to the ciphertext to be the input of the decryption algorithm. An access policy can be expressed in terms of monotone boolean formula or monotone access structure, and can be realized by a linear secret-sharing scheme(LSSS). In recent provably secure and efficient CP-ABE schemes, the LSSS induced from monotone span program(MSP) is used, where the LSSS is a matrix whose rows are labeled by attributes. And a general algorithm for converting a boolean formula into corresponding LSSS matrix is described recently. However, when there are threshold gates in the access structure, the number of rows of the LSSS matrix generated by the algorithm will be unnecessary large, and consequently the ciphertext size is unnecessary large. In this paper, we give a more general and efficient algorithm that the number of rows of the LSSS matrix is as small as possible. And by some tricks, the boolean formula acts as the label function, so that only the boolean formula needs to be attached to the ciphertext, which decreases the communication cost drastically.