Abstract: Aiming at the problems of the current attributebased encryption system, such as the issues of users and center abused keys and decryption rights of user revocation, we proposed an attributebased encryption scheme that supported accountability and user revocation. The scheme used a “fixed point” as the identifier of the key owner to realize the identity tracing of malicious users. The decryption key was generated by interaction between user and center to solve the problem that semitrusted center abused keys. By using complete subset scheme and selfupdate encryption scheme, the proposed system could achieve immediate revocation and forward/backward security. Furthermore, we used a Paillier encryption system to avoid storage cost in the tracing process. The scheme didn’t need to predetermine the number of attributes at stage of system setup, and was proved to be chosenplaintext security in the standard model.

Key words: large attribute space, traceability functionality, attributebased encryption, revocation functionality