Multi-authority Distributed Attribute-Based Encryption with Application to Searchable Encryption on Lattices

Many Internet users deploy several cloud services for storing sensitive data. Cloud services provide the opportunity to perform cheap and efficient storage techniques. In order to guarantee secrecy of uploaded data, users need first to encrypt it before uploading it to the cloud servers. There are also certain services which allow user to perform search operations according to certain attributes without revealing any information about the encrypted content. In the cryptographic community this service is known as the public key encryption with keyword search. In order to enable user control during performed search operations there exists an attribute-based encryption scheme that provides the required functionality. We introduce the first Key-Policy Multi-Authority Attribute-Based Encryption (KP-MABE) on lattices assuming existence of multiple servers, where each of these servers contributes to the decryption process by computing decryption shares using its own secret share. Furthermore we construct a Key-Policy Distributed Attribute-Based Searchable Encryption (DABSE) which is based on lattices and use the introduced KP-MABE as a building block for the transformation to DABSE. We prove our scheme secure against chosen ciphertext attacks under the assumption that the underlying KP-MABE is secure under the hardness of learning with errors (LWE) problem.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  Ioannis Rouselakis Attribute-based encryption : robust and efficient constructions , 2013 .

[3]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[4]  Miklós Ajtai,et al.  Generating hard instances of lattice problems (extended abstract) , 1996, STOC '96.

[5]  Shouhuai Xu,et al.  VABKS: Verifiable attribute-based keyword search over outsourced encrypted data , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[6]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[7]  Yiwei Thomas Hou,et al.  Protecting your right: Attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[8]  Chris Peikert,et al.  How to Share a Lattice Trapdoor: Threshold Protocols for Signatures and (H)IBE , 2013, ACNS.

[9]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[10]  Miklós Ajtai,et al.  Generating Hard Instances of Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[11]  Brent Waters,et al.  Secure Conjunctive Keyword Search over Encrypted Data , 2004, ACNS.

[12]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[13]  Xavier Boyen,et al.  Attribute-Based Functional Encryption on Lattices , 2013, TCC.

[14]  Chris Peikert,et al.  Public-key cryptosystems from the worst-case shortest vector problem: extended abstract , 2009, STOC '09.

[15]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[16]  Dan Boneh,et al.  Efficient Lattice (H)IBE in the Standard Model , 2010, EUROCRYPT.

[17]  Pil Joong Lee,et al.  Public Key Encryption with Conjunctive Keyword Search and Its Extension to a Multi-user System , 2007, Pairing.

[18]  Lei Zhang,et al.  Attribute-Based Keyword Search and Data Access Control in Cloud , 2014, 2014 Tenth International Conference on Computational Intelligence and Security.

[19]  Cynthia Dwork,et al.  A public-key cryptosystem with worst-case/average-case equivalence , 1997, STOC '97.

[20]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[21]  Xavier Boyen,et al.  Lattice Mixing and Vanishing Trapdoors A Framework for Fully Secure Short Signatures and more , 2010 .

[22]  Chris Peikert,et al.  Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller , 2012, IACR Cryptol. ePrint Arch..

[23]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[24]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[25]  Oded Regev,et al.  Lattice-Based Cryptography , 2006, CRYPTO.

[26]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[27]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[28]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[29]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[30]  Vadim Lyubashevsky,et al.  Lattice Signatures Without Trapdoors , 2012, IACR Cryptol. ePrint Arch..

[31]  Fei Liu,et al.  Public-Key Encryption with Keyword Search from Lattice , 2013, 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.

[32]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[33]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[34]  Yuan Li,et al.  A Ciphertext-Policy Attribute-Based Encryption Scheme Supporting Keyword Search Function , 2013, CSS.

[35]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[36]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[37]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[38]  Mihir Bellare,et al.  Robust Encryption , 2010, TCC.

[39]  David Cash,et al.  Bonsai Trees, or How to Delegate a Lattice Basis , 2010, EUROCRYPT.

[40]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.