ABSTRACT
Attribute-based encryption (ABE) is a promising tool for implementing fine-grained cryptographic access control. Very recently, motivated by reducing the trust assumption on the authority, and enhancing the privacy of users, a multiple-authority key-policy ABE system, together with a semi-generic anonymous key-issuing protocol, have been proposed by Chase and Chow in CCS 2009. Since ABE allows encryption for multiple users with attributes satisfying the same policy, it may not be always possible to associate a decryption key to a particular individual. A misbehaving user could abuse the anonymity by leaking the key to someone else, without worrying of being traced. In this paper, we propose a multi-authority ciphertext-policy (AND gates with wildcard) ABE scheme with accountability, which allows tracing the identity of a misbehaving user who leaked the decryption key to others, and thus reduces the trust assumptions not only on the authorities but also the users. The tracing process is efficient and its computational overhead is only proportional to the length of the identity.
- M. Abdalla, D. Catalano, A. W. Dent, J. Malone-Lee, G. Neven, and N. P. Smart. Identity-Based Encryption Gone Wild. In ICALP, volume 4052 of LNCS, pages 300--311, 2006. Google ScholarDigital Library
- J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-policy attribute-based encryption. In IEEE Symposium on Security and Privacy, pages 321--334, 2007. Google ScholarDigital Library
- M. Chase. Multi-Authority Attribute Based Encryption. In TCC, volume 4392 of LNCS, pages 515--534, 2007. Google ScholarDigital Library
- M. Chase and S. S. M. Chow. Improving Privacy and Security in Multi-Authority Attribute-Based Encryption. In ACM CCS, pages 121--130, New York, NY, USA, 2009. Google ScholarDigital Library
- L. Cheung and C. Newport. Provably Secure Ciphertext Policy ABE. In ACM CCS, pages 456--465, 2007. Google ScholarDigital Library
- S. S. M. Chow. New Privacy-Preserving Architectures for Identity-/Attribute-based Encryption. PhD thesis, New York University, 2010. Google ScholarDigital Library
- V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In ACM CCS, pages 89--98, 2006. Google ScholarDigital Library
- M. J. Hinek, S. Jiang, R. Safavi-Naini, and S. F. Shahandashti. Attribute-Based Encryption with Key Cloning Protection. Cryptology ePrint 2008/478.Google Scholar
- J. Li and K. Kim. Hidden Attribute-Based Signatures without Anonymity Revocation. Inf. Sci., 180(9):1681--1689, 2010. Google ScholarDigital Library
- J. Li, K. Ren, and K. Kim. A 2 BE: Accountable Attribute-Based Encryption for Abuse Free Access Control. Cryptology ePrint 2009/118, 2009.Google Scholar
- J. Li, K. Ren, B. Zhu, and Z. Wan. Privacy-Aware Attribute-Based Encryption with User Accountability. In ISC, volume 5735 of LNCS, pages 347--362, 2009. Full version available at http://eprint.iacr.org/2009/284. Google ScholarDigital Library
- T. Nishide, K. Yoneyama, and K. Ohta. Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structure. In ACNS, volume 5037 of LNCS, pages 111--129, 2008. Journal version appeared in IEICE Transactions 92-A(1): 22--32 (2009). Google ScholarDigital Library
- A. Sahai and B. Waters. Fuzzy Identity-Based Encryption. In EUROCRYPT, volume 3494 of LNCS, pages 457--473, 2005. Google ScholarDigital Library
- S. Yu, K. Ren, W. Lou, and J. Li. Defending Against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems. In SECURECOMM, 2009. Full version available at http://eprint.iacr.org/2009/295.Google ScholarCross Ref
Index Terms
- Multi-authority ciphertext-policy attribute-based encryption with accountability
Recommendations
Multi-authority fine-grained access control with accountability and its application in cloud
Attribute-based encryption (ABE) is one of critical primitives for the application of fine-grained access control. To reduce the trust assumption on the attribute authority and in the meanwhile enhancing the privacy of users and the security of the ...
Provably secure unbounded multi-authority ciphertext-policy attribute-based encryption
Multi-authority attribute-based encryption ABE is a generation of ABE where the descriptive attributes are managed by different authorities. In current multi-authority ABE schemes, the scale of attribute universe employed in encryption is restricted by ...
Efficient ciphertext-policy attribute based encryption with hidden policy
IDCS'12: Proceedings of the 5th international conference on Internet and Distributed Computing SystemsIn an anonymous ciphertext-policy attribute-based encryption (CP-ABE) scheme, the encryptor-specified access structure is hidden in ciphertexts. The decryptor gets his secret key from a trust authority according to his attributes. However, he cannot ...
Comments