security weaknesses of some policy-hiding attribute-based encryption schemes

In ciphertext-policy attribute-based encryption (cp-abe) schemes, an access structure is sent with each ciphertext to specify the intended recipients. this design can reveal sensitive information about the encrypted data and its recipients. moreover, it may introduce new security concerns regarding user privacy. policy-hiding cp-abe schemes have been proposed to address this challenge and protect user privacy. in this paper, we present the cryptanalysis of two policy-hiding cp-abe schemes. for the first scheme, we demonstrate that it leaks attribute value information through the ciphertext. an adversary can exploit this flaw to perform an offline dictionary attack, revealing the attribute values used in the access structure, and thereby exposing the entire access structure. for the second scheme, we show that its security is compromised due to the improper establishment of the decryption key component utilized in the attribute matching phase. data users can exploit the secret key components used in the attribute matching phase to decrypt any ciphertext, regardless of their attribute set.