An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures, revisited

Hui Cui, Robert H. Deng, Junzuo Lai, Xun Yi, Surya Nepal

Research output: Contribution to journalArticleResearchpeer-review

49 Citations (Scopus)


Ciphertext-policy attribute-based encryption (CP-ABE) has been regarded as one of the promising solutions to protect data security and privacy in cloud storage services. In a CP-ABE scheme, an access structure is included in the ciphertext, which, however, may leak sensitive information about the underlying plaintext and the privileged recipients in that anyone who sees the ciphertext is able to learn the attributes of the privileged recipients from the associated access structure. In order to address this issue, CP-ABE with partially hidden access structures was introduced where each attribute is divided into an attribute name and an attribute value and the attribute values of the attributes in an access structure are not given in the ciphertext. Though a number of CP-ABE schemes with partially hidden access structures have been proposed, most of them only enable restricted access structures, whereas several other schemes supporting expressive access structures are computationally inefficient due to the fact that they are built in the composite-order groups. To our knowledge, there has been little attention paid to the design of expressive CP-ABE schemes with partially hidden access structures in the prime-order groups. In this paper, we revisit this problem, and present an expressive CP-ABE scheme supporting partially hidden access structures in the prime-order groups with improved efficiency.

Original languageEnglish
Pages (from-to)157-165
Number of pages9
JournalComputer Networks
Publication statusPublished - 14 Mar 2018
Externally publishedYes


  • Access control
  • Cloud storage
  • Data security and privacy

Cite this