Attribute-based encryption (ABE) provides a fine-grained access control mode for multiuser network environments. The popularity of 5th generation (5G) mobile network applications has greatly increased the data transmission rate, but mobile terminal devices with limited resources in the network have difficulty with the high computational overhead of ABE in wireless communication. In response to this problem, this paper proposes a hybrid encryption online/offline ciphertext policy attribute-based encryption (CP-ABE) scheme for 5G. In the scheme, the data owner uses symmetric encryption technology to perform data encapsulation on plaintext and outsources the encapsulated plaintext to the cloud user assistant (CUA) for offline calculation. Key encapsulation is performed on a symmetric key to form the final ciphertext, and it is uploaded to the cloud server. After the data user obtains the ciphertext, it is handed over to the CUA for offline decryption calculation. If the access structure is satisfied, the encapsulated ciphertext can be obtained, and then the symmetric key is used to decrypt the ciphertext. In the scheme, the correctness of the symmetric key can be verified to prevent malicious tampering in the process of transmission. It is indicated that the scheme is secure after being tested with the decisional q-Parallel Bilinear Diffie-Hellman Exponent (BDHE). Numerical analysis shows that the scheme has decreased computational overhead and can achieve fine-grained access control of user decryption rights.

基于属性的加密 (ABE) 为多用户网络环境提供细粒度的访问控制模式。第五代（5G）移动网络应用的普及大大提高了数据传输速率，但网络中资源有限的移动终端设备难以应对无线通信中ABE的高计算开销。针对这一问题，本文提出了一种面向5G的混合加密在线/离线密文策略基于属性的加密（CP-ABE）方案。该方案中，数据所有者采用对称加密技术对明文进行数据封装，并将封装后的明文外包给云用户助手（CUA）进行离线计算。对对称密钥进行密钥封装，形成最终密文，并将其上传到云服务器。数据用户获得密文后，交给CUA进行离线解密计算。如果满足访问结构，就可以得到封装好的密文，然后用对称密钥对密文进行解密。该方案可以验证对称密钥的正确性，防止在传输过程中被恶意篡改。经决策q-Parallel Bilinear Diffie-Hellman指数(BDHE)测试，表明该方案是安全的。数值分析表明，该方案降低了计算开销，可以实现用户解密权限的细粒度访问控制。可以得到封装后的密文，然后使用对称密钥对密文进行解密。该方案可以验证对称密钥的正确性，防止传输过程中被恶意篡改。经决策q-Parallel Bilinear Diffie-Hellman指数(BDHE)测试，表明该方案是安全的。数值分析表明，该方案降低了计算开销，可以实现用户解密权限的细粒度访问控制。可以得到封装后的密文，然后使用对称密钥对密文进行解密。该方案可以验证对称密钥的正确性，防止在传输过程中被恶意篡改。经决策性q并行双线性Diffie-Hellman指数(BDHE)测试表明该方案是安全的。数值分析表明，该方案降低了计算开销，可以实现用户解密权限的细粒度访问控制。经决策q-Parallel Bilinear Diffie-Hellman指数(BDHE)测试，表明该方案是安全的。数值分析表明，该方案降低了计算开销，可以实现用户解密权限的细粒度访问控制。经决策性q并行双线性Diffie-Hellman指数(BDHE)测试表明该方案是安全的。数值分析表明，该方案降低了计算开销，可以实现用户解密权限的细粒度访问控制。