Attribute-Based Encryption

Key-based ABE: a ciphertext (the message, or Bitcoin transaction, e.g.) is encrypted with attributes using a master key. The master key is then used to create private (secret) keys associated with a certain access-structure across a universe of attributes. If the ciphertext’s attributes satisfy that access structure, then it can be decrypted.

In this case, the creator of the ciphertext cannot control who can decrypt the message — they only associate the text with certain attributes. The key issuer gets to decide whose private keys will have the correct access structure over those attributes.

In Ciphertext-Policy ABE, on the other hand, the ciphertext itself is associated with a particular access structure across certain attributes. The keys then are associated with certain attributes (not access structures). Only if those keys’ attributes successfully meet the access structure can they decrypt the message. So in this case, the ‘intelligence’ of what types of entities can decrypt the message is up to the creator of the ciphertext.

http://gleamly.com/article/introduction-attribute-based-encryption-abe
http://crypto.stackexchange.com/questions/31222/how-is-the-ciphertext-labeled-with-a-set-of-attributes-in-key-policy-attribute-b
J Bethencourt, Amit Sahai, and Brent Waters, “Ciphertext-Policy Attribute-Based Encryption,” in SP’07, 2007, pp. 321–334.