Ciphertext-policy attribute-based encryption supporting access policy update and its extension with preserved attributes

Attribute-based encryption ABE allows one-to-many encryption with static access control. In many occasions, the access control policy must be updated and the original encryptor might be required to re-encrypt the message, which is impractical, since the encryptor might be unavailable. Unfortunately, to date the work in ABE does not consider this issue yet, and hence this hinders the adoption of ABE in practice. In this work, we consider how to efficiently update access policies in Ciphertext-policy Attribute-based Encryption CP-ABE systems without re-encryption. We introduce a new notion of CP-ABE supporting access policy update that captures the functionalities of attribute addition and revocation to access policies. We formalize the security requirements for this notion, and subsequently construct two provably secure CP-ABE schemes supporting AND-gate access policy with constant-size ciphertext for user decryption. The security of our schemes are proved under the Augmented Multi-sequences of Exponents Decisional Diffie-Hellman assumption.

[1]  Joseph K. Liu,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing , 2015, Future Gener. Comput. Syst..

[2]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[3]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[4]  Jin Li,et al.  Anonymous attribute-based encryption supporting efficient decryption test , 2013, ASIA CCS '13.

[5]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[6]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[7]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[8]  Guomin Yang,et al.  An Adaptively CCA-Secure Ciphertext-Policy Attribute-Based Proxy Re-Encryption for Cloud Data Sharing , 2014, ISPEC.

[9]  Yang-Wai Chow,et al.  Recipient Revocable Identity-Based Broadcast Encryption: How to Revoke Some Recipients in IBBE without Knowledge of the Plaintext , 2016, AsiaCCS.

[10]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[11]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[12]  Moni Naor,et al.  On Cryptographic Assumptions and Challenges , 2003, CRYPTO.

[13]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.

[14]  David Pointcheval,et al.  Dynamic Threshold Public-Key Encryption , 2008, CRYPTO.

[15]  Willy Susilo,et al.  A Ciphertext-Policy Attribute-Based Proxy Re-encryption with Chosen-Ciphertext Security , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[16]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[17]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[18]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[19]  Hwajeong Seo,et al.  Attribute-based Proxy Re-encryption with a Constant Number of Pairing Operations , 2012, J. Inform. and Commun. Convergence Engineering.

[20]  Javier Herranz,et al.  Constant Size Ciphertexts in Threshold Attribute-Based Encryption , 2010, Public Key Cryptography.

[21]  Jin Li,et al.  Privacy-Aware Attribute-Based Encryption with User Accountability , 2009, ISC.

[22]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[23]  Zhong Chen,et al.  Ciphertext Policy Attribute-Based Proxy Re-encryption , 2010, ICICS.

[24]  Brent Waters,et al.  Functional Encryption for Regular Languages , 2012, CRYPTO.

[25]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[26]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[27]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..