In multi-tier supply chains, core enterprises must share sensitive data with dynamically changing partners, while simultaneously ensuring long-term confidentiality and fine-grained access control. However, existing ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) schemes are not key exposure resilient: once a decryption key is leaked, adversaries may decrypt large volumes of historical ciphertexts, and globally updating keys is prohibitively expensive. To enable key exposure resilient supply chain data sharing, we propose a lattice-based puncturable and revocable CP-ABPRE scheme, termed PR-CP-ABPRE, which incorporates a dual revocation mechanism based on user revocation and tag puncturing. The proxy can transform ciphertexts across different access policies without learning the embedded plaintext. Meanwhile, the data owner can centrally revoke misbehaving or expired receivers via a revocation list, and each receiver can locally puncture its secret key for specific tags, permanently disabling decryption of the corresponding historical ciphertexts while preserving access to other authorized data. Consequently, previously shared supply chain data remain confidential even if secret keys are compromised at a later time. We formalize the security model of PR-CP-ABPRE and prove its security in the standard model. As far as we are aware, PR-CP-ABPRE is the first CP-ABPRE scheme to simultaneously achieve post-quantum security, forward security, and user revocation, thereby establishing a theoretical foundation for post-quantum access control in supply chain environments.
Zhao et al. (Sat,) studied this question.