Traceable CP-ABE on Prime Order Groups: Fully Secure and Fully Collusion-Resistant Blackbox Traceable

In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), access policies associated with the ciphertexts are generally role-based and the attributes satisfying the policies are generally shared by multiple users. If a malicious user, with his attributes shared with multiple other users, created a decryption blackbox for sale, this malicious user could be difficult to identify from the blackbox. Hence in practice, a useful CP-ABE scheme should have some tracing mechanism to identify this ‘traitor’ from the blackbox. In this paper, we propose the first CP-ABE scheme which simultaneously achieves (1) fully collusion-resistant blackbox traceability in the standard model, (2) full security in the standard model, and (3) on prime order groups. When compared with the latest fully collusion-resistant blackbox traceable CP-ABE schemes, this new scheme achieves the same efficiency level, enjoying the sub-linear overhead of \(O(\sqrt{N})\), where N is the number of users in the system. This new scheme is highly expressive and can take any monotonic access structures as ciphertext policies.

[1]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[2]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[3]  Zhen Liu,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Any Monotone Access Structures , 2013, IEEE Transactions on Information Forensics and Security.

[4]  Tatsuaki Okamoto,et al.  Hierarchical Predicate Encryption for Inner-Products , 2009, ASIACRYPT.

[5]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[6]  Brent Waters,et al.  Building efficient fully collusion-resilient traitor tracing and revocation schemes , 2010, CCS '10.

[7]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[8]  Zhen Liu,et al.  Practical Ciphertext-Policy Attribute-Based Encryption: Traitor Tracing, Revocation, and Large Universe , 2015, ACNS.

[9]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[10]  David Mandell Freeman,et al.  Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups , 2010, EUROCRYPT.

[11]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[12]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[13]  Zhen Liu,et al.  Practical Attribute-Based Encryption: Traitor Tracing, Revocation and Large Universe , 2016, Comput. J..

[14]  Brent Waters,et al.  A fully collusion resistant broadcast, trace, and revoke system , 2006, CCS '06.

[15]  Allison Bishop,et al.  Tools for Simulating Features of Composite Order Bilinear Groups in the Prime Order Setting , 2012, EUROCRYPT.

[16]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[17]  Xiao Liu,et al.  Who Is Touching My Cloud , 2014, ESORICS.

[18]  Javier Herranz,et al.  Constant Size Ciphertexts in Threshold Attribute-Based Encryption , 2010, Public Key Cryptography.

[19]  Zhen Liu,et al.  Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay , 2013, CCS.

[20]  Jonathan Katz,et al.  Tracing Insider Attacks in the Context of Predicate Encryption Schemes , 2011 .

[21]  Brent Waters,et al.  Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys , 2006, EUROCRYPT.

[22]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[23]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[24]  Tatsuaki Okamoto,et al.  Homomorphic Encryption and Signatures from Vector Decomposition , 2008, Pairing.