Threshold Attribute-Based Encryption Scheme Supporting Multiple Access Policies

Threshold Attribute-based Encryption has attracted significant attention due to its growing importance in practical applications, such as distributed cloud storage or anonymous access control. In a threshold attribute-based encryption scheme, a sender can select a set of attributes and a corresponding threshold t, which is referred to as an access policy, to encrypt a message. Decryption is successful if and only if a user possesses at least t attributes from the specified attribute set. Existing threshold attribute-based encryption schemes typically consider only the setting in which a single message is encrypted under a single access policy. However, in many practical applications, more flexible encryption scenarios are needed, such as encrypting a single message under multiple access policies or encrypting multiple messages under their corresponding access policies. In this work, we first formalize the notion of threshold attribute-based encryption supporting the encryption of multiple messages under multiple access policies. We then propose the first construction of a threshold attribute-based encryption scheme based on the Key Encapsulation Mechanism paradigm that supports such functionality while achieving constant-size ciphertext. Our proposed scheme relies on bilinear pairings and is proven secure in the Generic Bilinear Group Model. As a classical pairing-based construction, it does not provide post-quantum security and is therefore unsuitable for scenarios requiring long-term confidentiality or resilience against harvest-now, decrypt-later attacks.