New Model and Construction of ABE: Achieving Key Resilient-Leakage and Attribute Direct-Revocation

Attribute-Based Encryption allows for implementing fine-grained decentralized access control based on properties or attributes a user has, which has drawn attention for realizing decentralized access control in large and dynamic networks such as Mesh network, Internet of Things and cloud computing. However, in open networks, the attacker can blow the concrete implementation of cryptosystems, and then gain the internal secret states such as pseudo-random number, internal result and secret key to break the system. In this work, we first model a fine-grained attribute revocable (ciphertext-policy) attribute-based encryption in the presence of key leakage, and then give a concrete construction with security and resilient-leakage performance analysis. Our scheme is the first designing enjoying at the same time the following properties: (i) Support attribute direct revocation that does not affect any other user’s secret key. (ii) Tolerate the key of matching the challenge ciphertext to be partially revealed. (iii) Provide a key update mechanism to support continual leakage tolerance.

[1]  Zvika Brakerski,et al.  Circular and Leakage Resilient Public-Key Encryption Under Subgroup Indistinguishability (or: Quadratic Residuosity Strikes Back) , 2010, IACR Cryptol. ePrint Arch..

[2]  Hideki Imai,et al.  Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes , 2009, IMACC.

[3]  Yevgeniy Dodis,et al.  Efficient Public-Key Cryptography in the Presence of Key Leakage , 2010, ASIACRYPT.

[4]  William E. Burr,et al.  Cryptographic Algorithms and Key Sizes for Personal Identity Verification , 2010 .

[5]  Allison Lewko,et al.  Tools for simulating features of composite order bilinear groups in the prime order setting , 2012 .

[6]  Allison Bishop,et al.  New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts , 2010, IACR Cryptol. ePrint Arch..

[7]  Dengguo Feng,et al.  Towards Attribute Revocation in Key-Policy Attribute Based Encryption , 2011, CANS.

[8]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[9]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[10]  Shai Halevi Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings , 2009, CRYPTO.

[11]  Rosario Gennaro,et al.  Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings , 2011, Public Key Cryptography.

[12]  Moni Naor,et al.  Public-Key Cryptosystems Resilient to Key Leakage , 2009, SIAM J. Comput..

[13]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[14]  Jie Wu,et al.  Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers , 2011, Comput. Secur..

[15]  Vinod Vaikuntanathan,et al.  Simultaneous Hardcore Bits and Cryptography against Memory Attacks , 2009, TCC.

[16]  Hideki Imai,et al.  Conjunctive Broadcast and Attribute-Based Encryption , 2009, Pairing.

[17]  Yi Mu,et al.  Attribute-Based Oblivious Access Control , 2012, Comput. J..

[18]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[19]  Markus Kasper,et al.  The World is Not Enough: Another Look on Second-Order DPA , 2010, IACR Cryptol. ePrint Arch..

[20]  Brent Waters,et al.  Practical leakage-resilient identity-based encryption from simple assumptions , 2010, CCS '10.

[21]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[22]  Kenneth G. Paterson,et al.  Security of Symmetric Encryption in the Presence of Ciphertext Fragmentation , 2012, IACR Cryptol. ePrint Arch..

[23]  Yi Mu,et al.  Leakage-Resilient Attribute-Based Encryption with Fast Decryption: Models, Analysis and Constructions , 2013, ISPEC.

[24]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[25]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[26]  Allison Bishop,et al.  Achieving Leakage Resilience through Dual System Encryption , 2011, TCC.

[27]  Mark Manulis,et al.  Cryptology and Network Security , 2012, Lecture Notes in Computer Science.

[28]  David Mandell Freeman,et al.  Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups , 2010, EUROCRYPT.

[29]  Vinod Vaikuntanathan,et al.  On Continual Leakage of Discrete Log Representations , 2013, IACR Cryptol. ePrint Arch..

[30]  Marcin Wójcik,et al.  Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests , 2013, ASIACRYPT.

[31]  Mingwu Zhang,et al.  Bounded Leakage-Resilient Functional Encryption with Hidden Vector Predicate , 2013, Comput. J..

[32]  Yael Tauman Kalai,et al.  Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[33]  Ran Canetti,et al.  Advances in Cryptology – CRYPTO 2012 , 2012, Lecture Notes in Computer Science.

[34]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[35]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[36]  Hovav Shacham,et al.  Pairing-Based Cryptography - Pairing 2009, Third International Conference, Palo Alto, CA, USA, August 12-14, 2009, Proceedings , 2009, Pairing.

[37]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[38]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[39]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[40]  Tal Rabin Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings , 2010, CRYPTO.