Decentralizing Attribute-Based Encryption

Theory and Application of Cryptographic Techniques, (2011): 568-588

Cited by 917 | Views 327

Abstract

We propose a Multi-Authority Attribute-Based Encryption (ABE) system. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as an ABE authority by creating a public key and issuing private...

Introduction
  • The authors view encryption as a mechanism for a user, Alice, to confidentially encode data to a target recipient, Bob. Alice encrypts the data under the recipient’s public key such that only Bob, with knowledge of his private key, can decrypt it.
  • Supported by National Defense Science and Engineering Graduate Fellowship.
  • Department of Homeland Security Grant 2006-CS-001-000001-02, a Google Faculty Research award, and the Alfred P.
Highlights
  • We view encryption as a mechanism for a user, Alice, to confidentially encode data to a target recipient, Bob
  • We propose a new multi-authority Attribute-Based Encryption system
  • In Section 4, we present our multi-authority CP-Attribute-Based Encryption system and outline the proof of its security
  • In the full version of this paper, we show how to construct a fully secure multi-authority CP-Attribute-Based Encryption system where attributes are used multiple times in an access matrix from a fully secure multi-authority CP-Attribute-Based Encryption system where attributes are used only once
  • We prove our four specific assumptions are generically secure in the full version, under the assumption that it is hard to find a nontrivial factor of the group order N
  • It would be desirable to remove the need for a random oracle and replace it with a concrete function H mapping identities to group elements
Conclusion
  • There are multiple ways in which one might extend the work.

    Removing the Random Oracle.
  • One approach would be to fix a degree d polynomial, P(x), and map identities in Z_N to elements of G by setting H(GID) := g^{P(GID)}, where g denotes a generator of the group G.
  • This approach has previously been employed to obtain large universe constructions for Attribute-Based Encryption [30].
  • This is far from ideal, and the authors would prefer a better method with stronger security guarantees
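
The polynomial hash H(GID) := g^{P(GID)} described above, as an added example that is not code from the paper or this page. It assumes a toy prime-order subgroup of Z_p^* in place of the paper's composite-order group of order N, and it also shows a standard property of degree-d polynomials that separates this H from a random oracle: any d+1 hash values determine every other hash value.

```python
# Added illustration with constructed toy parameters; the paper itself works
# in a composite-order bilinear group of order N, not in this group.
P_MOD = 2039   # toy safe prime p = 2q + 1
Q = 1019       # prime order of the subgroup generated by G
G = 4          # generator of the order-Q subgroup of Z_p^*

def hash_gid(coeffs, gid):
    """H(GID) := g^{P(GID)}; coeffs = [c_0, ..., c_d] are P's secret coefficients."""
    exponent = 0
    for c in reversed(coeffs):          # Horner's rule, reduced mod the group order
        exponent = (exponent * gid + c) % Q
    return pow(G, exponent, P_MOD)

def predict_hash(known, target):
    """Compute H(target) from d+1 pairs (GID, H(GID)) without knowing P,
    using Lagrange interpolation in the exponent."""
    result = 1
    for i, (x_i, h_i) in enumerate(known):
        num, den = 1, 1
        for j, (x_j, _) in enumerate(known):
            if i != j:
                num = num * (target - x_j) % Q
                den = den * (x_i - x_j) % Q
        lam = num * pow(den, -1, Q) % Q  # Lagrange coefficient for point i
        result = result * pow(h_i, lam, P_MOD) % P_MOD
    return result

def demo():
    coeffs = [5, 17, 101, 900]          # constructed degree-3 polynomial (d = 3)
    gids = [11, 22, 33, 44]             # d + 1 identities whose hashes are observed
    known = [(x, hash_gid(coeffs, x)) for x in gids]
    return predict_hash(known, 500) == hash_gid(coeffs, 500)

if __name__ == "__main__":
    print("H(500) predictable from d+1 hash values:", demo())
```

A random oracle's outputs on fresh identities are independent of all earlier outputs, so no such relation exists for it.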
Related Work
  • Several of the roots of Attribute-Based Encryption can be traced back to Identity Based Encryption (IBE), proposed by Shamir [46]. The first IBE schemes were constructed by Boneh and Franklin [13] and Cocks [24]. These initial systems were proven secure in the random oracle model. Other standard model solutions followed [20,9,10,52,27], along with extensions to the hierarchical IBE setting [34,28,11].

    Attribute-based encryption was introduced by Sahai and Waters [45]. Subsequently, Goyal, Pandey, Sahai, and Waters [30] formulated two complementary forms of ABE: Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Key-Policy Attribute-Based Encryption (KP-ABE). In a CP-ABE system, keys are associated with sets of attributes and ciphertexts are associated with access policies. In a KP-ABE system, the situation is reversed: keys are associated with access policies and ciphertexts are associated with sets of attributes. Since then, several different ABE systems have been proposed [8,21,23,29,44,54,22], as well as related systems [14,2]. The problem of building ABE systems with multiple authorities was proposed by Sahai and Waters and first considered by Chase [21] and Chase and Chow [22]. Another interesting direction is the construction of “anonymous” or predicate encryption systems [36,49,17,12,1,47,37] where in addition to the data the encryption policy or other properties are hidden. Other works have discussed similar problems without addressing collusion resistance [3,4,5,18,41,51]. In these systems, the data encryptor specifies an access policy such that a set of users can decrypt the data only if the union of their credentials satisfies the access policy.
Funding
  • Supported by NSF CNS-0915361, and CNS-0952692, the MURI program under AFOSR Grant No: FA9550-08-1-0352
References
  • Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: Consistency properties, relation to anonymous ibe, and extensions. Journal of Cryptology 21, 350–391 (2008)
  • Abdalla, M., Kiltz, E., Neven, G.: Generalized key delegation for hierarchical identity-based encryption. In: Biskup, J., Lopez, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 139–154. Springer, Heidelberg (2007)
  • Al-Riyami, S., Malone-Lee, J., Smart, N.: Escrow-free encryption supporting cryptographic workflow. Int. J. Inf. Sec. 5, 217–229 (2006)
  • Bagga, W., Molva, R., Crosta, S.: Policy-based encryption schemes from bilinear pairings. In: ASIACCS, pp. 368 (2006)
  • Barbosa, M., Farshim, P.: Secure cryptographic workflow in the standard model. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 379–393. Springer, Heidelberg (2006)
  • Beimel, A.: PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel (1996)
  • Bellare, M., Waters, B., Yilek, S.: Identity-based encryption secure against selective opening attack. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 235–252. Springer, Heidelberg (2011)
  • Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007)
  • Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)
  • Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004)
  • Boneh, D., Boyen, X., Goh, E.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)
  • Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)
  • Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  • Boneh, D., Gentry, C., Hamburg, M.: Space-efficient identity based encryption without pairings. In: Proceedings of FOCS, pp. 647–657 (2007)
  • Boneh, D., Goh, E., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005)
  • Boneh, D., Sahai, A., Waters, B.: Fully collusion resistant traitor tracing with short ciphertexts and private keys. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 573–592. Springer, Heidelberg (2006)
  • Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)
  • Bradshaw, R., Holt, J., Seamons, K.: Concealing complex policies with hidden credentials. In: ACM Conference on Computer and Communications Security, pp. 146–157 (2004)
  • Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 93. Springer, Heidelberg (2001)
  • Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003)
  • Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007)
  • Chase, M., Chow, S.: Improving privacy and security in multi-authority attribute-based encryption. In: ACM Conference on Computer and Communications Security, pp. 121–130 (2009)
  • Cheung, L., Newport, C.: Provably secure ciphertext policy abe. In: ACM Conference on Computer and Communications Security, pp. 456–465 (2007)
  • Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 26–28. Springer, Heidelberg (2001)
  • Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44–61. Springer, Heidelberg (2010)
  • Garg, S., Kumarasubramanian, A., Sahai, A., Waters, B.: Building efficient fully collusion-resilient traitor tracing and revocation schemes. In: ACM Conference on Computer and Communications Security, pp. 121–130 (2010)
  • Gentry, C.: Practical identity-based encryption without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464.
  • Gentry, C., Silverberg, A.: Hierarchical id-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)
  • Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Aceto, L., Damgard, I., Goldberg, L.A., Halldorsson, M.M., Ingolfsdottir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 579–591. Springer, Heidelberg (2008)
  • Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute Based Encryption for Fine-Grained Access Control of Encrypted Data. In: ACM Conference on Computer and Communications Security, pp. 89–98 (2006)
  • Groth, J., Ostrovsky, R., Sahai, A.: Non-interactive zaps and new techniques for nizk. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 97–111. Springer, Heidelberg (2006)
  • Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for np. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358.
  • Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008)
  • Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)
  • Iovino, V., Persiano, G.: Hidden-vector encryption with groups of prime order. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 75–88. Springer, Heidelberg (2008)
  • Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162.
  • Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)
  • Lewko, A., Waters, B.: Decentralizing attribute-based encryption. Cryptology ePrint Archive, Report 2010/351 (2010), http://eprint.iacr.org/
  • Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010)
  • Lin, H., Cao, Z., Liang, X., Shao, J.: Secure threshold multi authority attribute based encryption without a central authority. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 426–436.
  • Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: VLDB 2003, pp. 898–909 (2003)
  • Muller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute-based encryption. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 20–36. Springer, Heidelberg (2009)
  • Muller, S., Katzenbeisser, S., Eckert, C.: On multi-authority ciphertext-policy attribute-based encryption. Bulletin of the Korean Mathematical Society 46(4), 803–819 (2009)
  • Ostrovsky, R., Sahai, A., Waters, B.: Attribute Based Encryption with Non-Monotonic Access Structures. In: ACM Conference on Computer and Communications Security, pp. 195–203 (2007)
  • Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)
  • Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
  • Shi, E., Bethencourt, J., Chan, H., Song, D., Perrig, A.: Multi-dimensional range query over encrypted data. In: IEEE Symposium on Security and Privacy (2007)
  • Shi, E., Bethencourt, J., Chan, H.T.-H., Xiaodong Song, D., Perrig, A.: Multidimensional range query over encrypted data. In: IEEE Symposium on Security and Privacy, pp. 350–364 (2007)
  • Shi, E., Waters, B.: Delegating capabilities in predicate encryption systems. In: Aceto, L., Damgard, I., Goldberg, L.A., Halldorsson, M.M., Ingolfsdottir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 560–578.
  • Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)
  • Smart, N.: Access control using pairing based cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 111–121.
  • Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)
  • Waters, B.: Dual system encryption: realizing fully secure ibe and hibe under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009)
  • Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)