Top

Published in:

2016 | OriginalPaper | Chapter

Revocable Decentralized Multi-Authority Functional Encryption

Authors : Hikaru Tsuchida, Takashi Nishide, Eiji Okamoto, Kwangjo Kim

Published in: Progress in Cryptology – INDOCRYPT 2016

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Attribute-Based Encryption (ABE) is regarded as one of the most desirable cryptosystems realizing data security in the cloud storage systems. Functional Encryption (FE) which includes ABE and the ABE system with multiple authorities are studied actively today. However, ABE has the attribute revocation problem. In this paper, we propose a new revocation scheme using update information, i.e., revocation patch (not update key), in which an encryptor does not need to care about the revocation list. We propose an FE scheme with multiple authorities and no central authority supporting revocation by using revocation patch. Our proposal realizes the revocation on the attribute level. More precisely, we introduce the new concept, i.e., the revocation on the category level that is a generalization of attribute level. We prove that our construction is adaptively secure against chosen plaintext attacks and static corruption of authorities based on the decisional linear (DLIN) assumption.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Private Functional Encryption: Indistinguishability-Based Definitions and Constructions from Obfuscation

next chapter On Linear Hulls and Trails

The scheme of [8] can hide the revocation list (i.e., identities of revoked users) specified for ciphertexts in a provably secure way, but an encryptor needs to care about revocation lists. We note that an encryptor does not have to care about the revocation list in the schemes supporting indirect revocation [4, 11, 21] and our scheme. However, we note that the aim of the indirect revocation [4, 11, 21] and our scheme is not to hide the revocation list specified for ciphertexts in a provably secure way.

We define a user’s attribute revocation list with its version \(\mathsf {v}_{t}\): \({r\ell }_\mathsf{{v}_{t}}\subseteq \{1,\ldots ,{N}_{max,t}\}\).

We assume that a revoked user can become unrevoked again (possibly several times) after the user was revoked.

Here, we define \(\mathsf {FindNode}:{\{0,1\}}^{*}\times \{(t,\vec {x}_{A,t})\}\times \mathbb {N}\cup \{0\}\rightarrow \{1,\ldots ,{N}_{max,t}\}\). The \(\mathsf {FindNode}\) is not a priori function. An attribute authority assigns \((\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\) to the \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\)-th leaf node newly and uniquely every time the user key is issued. We remark that an attribute authority can decide how to choose a leaf by itself as long as the assignment is unique. Then, let “user u” in the subset-cover revocation framework equal \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\). That is, \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})=u\in \{1,\ldots ,{N}_{max,t}\}\).

We note that actually each authority can manage several attribute categories.

For example, a user is initially unrevoked, and the user may be revoked. If the user becomes unrevoked again, then rt is 1.

Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03298-1_16 CrossRef

Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) IMACC 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009). doi:10.1007/978-3-642-10868-6_17 CrossRef

Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, pp. 321–334 (2007)

Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM CCS 2008, pp. 417–426 (2008)

Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19571-6_16 CrossRef

Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). doi:10.1007/978-3-540-70936-7_28 CrossRef

Datta, P., Dutta, R., Mukhopadhyay, S.: Adaptively secure unrestricted attribute-based encryption with subset difference revocation in bilinear groups of prime order. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 325–345. Springer, Heidelberg (2016). doi:10.1007/978-3-319-31517-1_17 CrossRef

González-Nieto, J.M., Manulis, M., Sun, D.: Fully private revocable predicate encryption. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 350–363. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31448-3_26 CrossRef

Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM CCS 2006, pp. 89–98 (2006)

10.

Horváth, M.: Attribute-based encryption optimized for cloud computing. In: Italiano, G.F., Margaria-Steffen, T., Pokorný, J., Quisquater, J.-J., Wattenhofer, R. (eds.) SOFSEM 2015. LNCS, vol. 8939, pp. 566–577. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46078-8_47

11.

Lee, K., Choi, S.G., Lee, D.H., Park, J.H., Yung, M.: Self-updatable encryption: time constrained access control with hidden attributes and better efficiency. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 235–254. Springer, Heidelberg (2013). doi:10.1007/978-3-642-42033-7_13 CrossRef

12.

Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20465-4_31 CrossRef

13.

Lewko, A.B.: Functional encryption: new proof techniques and advancing capabilities. Ph.D. thesis, The University of Texas (2012)

14.

Müller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute-based encryption. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 20–36. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00730-9_2 CrossRef

15.

Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). doi:10.1007/3-540-44647-8_3 CrossRef

16.

Okamoto, T., Takashima, K.: Fully secure functional encryption with general relations from the decisional linear assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_11 CrossRef

17.

Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_22 CrossRef

18.

Okamoto, T., Takashima, K.: Decentralized attribute-based signatures. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 125–142. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36362-7_9 CrossRef

19.

Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: ACM CCS 2007, pp. 195–203 (2007)

20.

Qian, J., Dong, X.: Fully secure revocable attribute-based encryption. J. Shanghai Jiaotong Univ. (Sci.) 16(4), 490–496 (2011)CrossRefMATH

21.

Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 199–217. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32009-5_13 CrossRef

22.

Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi:10.1007/11426639_27 CrossRef

23.

The full version of this paper. It will appear in the IACR Cryptology ePrint Archive. https://eprint.iacr.org/

Title: Revocable Decentralized Multi-Authority Functional Encryption
Authors: Hikaru Tsuchida
Takashi Nishide
Eiji Okamoto
Kwangjo Kim
Publisher: Springer International Publishing
Book: Progress in Cryptology – INDOCRYPT 2016
Print ISBN: 978-3-319-49889-8

Electronic ISBN: 978-3-319-49890-4

Copyright Year: 2016
DOI: https://doi.org/10.1007/978-3-319-49890-4_14

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner