ABSTRACT
Attribute-based encryption (ABE), introduced by Sahai and Waters, is a promising cryptographic primitive, which has been widely applied to implement fine-grained access control system for encrypted data. In its key-policy flavor, attribute sets are used to annotate ciphertexts and secret keys are associated with access structures that specify which ciphertexts a user is entitled to decrypt. In most existing key-policy attribute-based encryption (KP-ABE) constructions, the size of the ciphertext is proportional to the number of attributes associated with it and the decryption cost is proportional to the number of attributes used during decryption. In this paper, we present a new construction of KP-ABE. Our proposed construction is the first KP-ABE scheme, which has the following features simultaneously: expressive (i.e., supporting arbitrary monotonic access structures); fully secure in the standard model; constant-size ciphertexts and fast decryption. The downside of our construction is that secret keys have quadratic size in the number of attributes.
- N. Attrapadung and H. Imai. Dual-policy attribute based encryption. In ACNS, pages 168--185, 2009. Google ScholarDigital Library
- N. Attrapadung and B. Libert. Functional encryption for inner product: Achieving constant-size ciphertexts with adaptive security or support for negation. In Public Key Cryptography, pages 384--402, 2010. Google ScholarDigital Library
- N. Attrapadung and B. Libert. Functional encryption for public-attribute inner products: Achieving constant-size ciphertexts with adaptive security or support for negation. J. Mathematical Cryptology, 5(2):115--158, 2012.Google ScholarCross Ref
- N. Attrapadung, B. Libert, and E. de Panafieu. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In Public Key Cryptography, pages 90--108, 2011. Google ScholarDigital Library
- A. Beimel. Secure Schemes for Secret Sharing and Key Distribution. PhD thesis, Israel Institute of Technology, 1996.Google Scholar
- M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In ACM Conference on Computer and Communications Security, pages 62--73, 1993. Google ScholarDigital Library
- J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-policy attribute-based encryption. In IEEE Symposium on Security and Privacy, pages 321--334, 2007. Google ScholarDigital Library
- D. Boneh and X. Boyen. Efficient selective-id secure identity-based encryption without random oracles. In EUROCRYPT, pages 223--238, 2004.Google ScholarCross Ref
- D. Boneh, X. Boyen, and E.-J. Goh. Hierarchical identity based encryption with constant size ciphertext. In EUROCRYPT, pages 440--456, 2005. Google ScholarDigital Library
- D. Boneh and M. K. Franklin. Identity-based encryption from the weil pairing. SIAM J. Comput., 32(3):586--615, 2003. Google ScholarDigital Library
- D. Boneh, E.-J. Goh, and K. Nissim. Evaluating 2-dnf formulas on ciphertexts. In TCC, pages 325--341, 2005. Google ScholarDigital Library
- D. Boneh and M. Hamburg. Generalized identity based and broadcast encryption schemes. In ASIACRYPT, pages 455--470, 2008. Google ScholarDigital Library
- R. Canetti, S. Halevi, and J. Katz. A forward-secure public-key encryption scheme. In EUROCRYPT, pages 255--271, 2003. Google ScholarDigital Library
- M. Chase. Multi-authority attribute based encryption. In TCC, pages 515--534, 2007. Google ScholarDigital Library
- M. Chase and S. S. M. Chow. Improving privacy and security in multi-authority attribute-based encryption. In ACM Conference on Computer and Communications Security, pages 121--130, 2009. Google ScholarDigital Library
- L. Cheung and C. C. Newport. Provably secure ciphertext policy ABE. In ACM Conference on Computer and Communications Security, pages 456--465, 2007. Google ScholarDigital Library
- K. Emura, A. Miyaji, A. Nomura, K. Omote, and M. Soshi. A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In ISPEC, pages 13--23, 2009. Google ScholarDigital Library
- S. Garg, C. Gentry, S. Halevi, A. Sahai, and B. Waters. Attribute-based encryption for circuits from multilinear maps. IACR Cryptology ePrint Archive, 2013:128, 2013.Google Scholar
- S. Gorbunov, V. Vaikuntanathan, and H. Wee. Attribute-based encryption for circuits. In STOC, pages 545--554, 2013. Google ScholarDigital Library
- V. Goyal, A. Jain, O. Pandey, and A. Sahai. Bounded ciphertext policy attribute based encryption. In ICALP (2), pages 579--591, 2008. Google ScholarDigital Library
- V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-based encryption for fine-grained access control of encrypted data. In ACM Conference on Computer and Communications Security, pages 89--98, 2006. Google ScholarDigital Library
- J. Herranz, F. Laguillaumie, and C. Ràfols. Constant size ciphertexts in threshold attribute-based encryption. In Public Key Cryptography, pages 19--34, 2010. Google ScholarDigital Library
- S. Hohenberger and B. Waters. Attribute-based encryption with fast decryption. In Public Key Cryptography, pages 162--179, 2013.Google Scholar
- J. Katz, A. Sahai, and B. Waters. Predicate encryption supporting disjunctions, polynomial equations, and inner products. Cryptology ePrint Archive, Report 2007/404, 2007. http://eprint.iacr.org/.Google Scholar
- A. B. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In EUROCRYPT, pages 62--91, 2010. Google ScholarDigital Library
- A. B. Lewko and B. Waters. New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In TCC, pages 455--479, 2010. Google ScholarDigital Library
- A. B. Lewko and B. Waters. Decentralizing attribute-based encryption. In EUROCRYPT, pages 568--588, 2011. Google ScholarDigital Library
- A. B. Lewko and B. Waters. Unbounded hibe and attribute-based encryption. In EUROCRYPT, pages 547--567, 2011. Google ScholarDigital Library
- A. B. Lewko and B. Waters. New proof methods for attribute-based encryption: Achieving full security through selective techniques. In CRYPTO, pages 180--198, 2012.Google ScholarDigital Library
- H. Lin, Z. Cao, X. Liang, and J. Shao. Secure threshold multi authority attribute based encryption without a central authority. In INDOCRYPT, pages 426--436, 2008. Google ScholarDigital Library
- S. Müller, S. Katzenbeisser, and C. Eckert. Distributed attribute-based encryption. In ICISC, pages 20--36, 2008.Google Scholar
- R. Ostrovsky, A. Sahai, and B. Waters. Attribute-based encryption with non-monotonic access structures. In ACM Conference on Computer and Communications Security, pages 195--203, 2007. Google ScholarDigital Library
- Y. Rouselakis and B. Waters. New constructions and proof methods for large universe attribute-based encryption. IACR Cryptology ePrint Archive, 2012:583, 2012.Google Scholar
- A. Sahai and B. Waters. Fuzzy identity-based encryption. In EUROCRYPT, pages 457--473, 2005. Google ScholarDigital Library
- A. Shamir. Identity-based cryptosystems and signature schemes. In CRYPTO, pages 47--53, 1984. Google ScholarDigital Library
- B. Waters. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In Public Key Cryptography, pages 53--70, 2011. Google ScholarDigital Library
Index Terms
- Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption
Recommendations
Fully Secure Unbounded Revocable Key-Policy Attribute-Based Encryption Scheme
Security, Privacy, and Anonymity in Computation, Communication, and StorageAbstractAttribute-based encryption (ABE) is a promising cryptographic primitive which can provide fine-grained access control over encrypted data. Providing an efficient revocation mechanism for ABE scheme is crucial since users’ credentials may be ...
New fully secure hierarchical identity-based encryption with constant size ciphertexts
ISPEC'11: Proceedings of the 7th international conference on Information security practice and experienceHierarchical identity-based encryption (HIBE) is a generalization of identity-based encryption (IBE) which allows for a hierarchy of identities where any parent identities can derive secret keys for child identities. In this paper, we propose a new HIBE ...
Fully Secure Ciphertext-Policy Attribute-Based Encryption with Constant Size Ciphertext
MINES '11: Proceedings of the 2011 Third International Conference on Multimedia Information Networking and SecurityIn a cipher text-policy ABE (CP-ABE) scheme, an encrypt or can express any access policy, stating what kind of receivers will be able to decrypt the message in the encryption algorithm. In most CP-ABE schemes, the size of cipher texts is not constant, ...
Comments