In this paper, we present a novel ciphertext-policy attribute based encryption (CP-ABE) scheme that offers a flexible access structure. Our proposed scheme incorporates an access tree as its access control policy, enabling fine-grained access control over encrypted data. The security of our scheme is provable under the hardness assumption of the decisional Ring-Learning with Errors (R-LWE) problem, ensuring robust protection against unauthorized access. CP-ABE is a cryptographic technique that allows data owners to encrypt their data with access policies defined in terms of attributes. Only users possessing the required attributes can decrypt and access the encrypted data. Our scheme extends the capabilities of CP-ABE by introducing a flexible access structure based on an access tree. This structure enables more complex and customizable access policies, accommodating a wider range of real-world scenarios. To ensure the security of our scheme, we rely on the decisional R-LWE problem, a well-established hardness assumption in cryptography. By proving the security of our scheme under this assumption, we provide a strong guarantee of protection against potential attacks. Furthermore, our proposed scheme operates in the standard model, which means it does not rely on any additional assumptions or idealized cryptographic primitives. This enhances the practicality and applicability of our scheme, making it suitable for real-world deployment. We evaluate the performance and efficiency of our scheme through extensive simulations and comparisons with existing CP-ABE schemes. The results demonstrate the effectiveness and scalability of our proposed approach, highlighting its potential for secure and flexible data access control in various domains.

翻译：本文提出了一种新型密文策略属性基加密（CP-ABE）方案，该方案具备灵活的访问结构。所提方案采用访问树作为访问控制策略，实现了对加密数据的细粒度访问控制。该方案的安全性可在判定性环带误差学习（R-LWE）问题的困难性假设下得到证明，确保了针对未授权访问的强健保护。CP-ABE是一种密码学技术，允许数据所有者根据属性定义的访问策略加密数据，仅拥有所需属性的用户才能解密并访问加密数据。本方案通过引入基于访问树的灵活访问结构，扩展了CP-ABE的能力，支持更复杂、可定制的访问策略，适应更广泛的实际应用场景。为确保方案安全性，我们依赖于判定性R-LWE问题这一密码学中成熟的困难性假设。通过在该假设下证明方案安全性，我们为抵御潜在攻击提供了强有力的保护保障。此外，所提方案在标准模型下运行，无需依赖任何附加假设或理想化密码原语，这增强了其实用性和适用性，使其适合实际部署。通过大量仿真实验及与现有CP-ABE方案的对比，我们评估了所提方案的性能与效率，结果证明了该方法的有效性和可扩展性，凸显了其在各领域实现安全灵活数据访问控制的潜力。