Secure key leasing (SKL) is an advanced encryption functionality that allows a secret key holder to generate a quantum decryption key and securely lease it to a user. Once the user returns the quantum decryption key (or provides a classical certificate confirming its deletion), they lose their decryption capability. Previous works on public key encryption with SKL (PKE-SKL) have only considered the single-key security model, where the adversary receives at most one quantum decryption key. However, this model does not accurately reflect real-world applications of PKE-SKL. To address this limitation, we introduce collusion-resistant security for PKE-SKL (denoted as PKE-CR-SKL). In this model, the adversary can adaptively obtain multiple quantum decryption keys and access a verification oracle which validates the correctness of queried quantum decryption keys. Importantly, the size of the public key and ciphertexts must remain independent of the total number of generated quantum decryption keys. We present the following constructions: - A PKE-CR-SKL scheme based on the learning with errors (LWE) assumption. - An attribute-based encryption scheme with collusion-resistant SKL (ABE-CR-SKL), also based on the LWE assumption. - An ABE-CR-SKL scheme with classical certificates, relying on multi-input ABE with polynomial arity.

翻译：安全密钥租赁是一种高级加密功能，允许秘密密钥持有者生成量子解密密钥并将其安全地租赁给用户。一旦用户归还量子解密密钥（或提供确认其已删除的经典证书），他们便失去解密能力。先前关于支持安全密钥租赁的公钥加密的研究仅考虑了单密钥安全模型，其中敌手至多获得一个量子解密密钥。然而，该模型未能准确反映PKE-SKL的实际应用场景。为解决这一局限，我们为PKE-SKL引入了抗合谋安全性（记为PKE-CR-SKL）。在此模型中，敌手可以自适应地获取多个量子解密密钥，并访问一个验证预言机以验证所查询量子解密密钥的正确性。重要的是，公钥和密文的大小必须与生成的量子解密密钥总数无关。我们提出以下构造方案：- 一个基于容错学习假设的PKE-CR-SKL方案。- 一个同样基于LWE假设的、支持抗合谋SKL的属性基加密方案（ABE-CR-SKL）。- 一个依赖多项式元数多输入ABE的、支持经典证书的ABE-CR-SKL方案。