DOI: 10.3724/SP.J.1001.2011.03993

Journal of Software (软件学报) 2011/22:6 PP.1299-1315

Attribute-Based Encryption Schemes


Abstract:
Attribute-based encryption (ABE) schemes take attributes as the public key and associate both the ciphertext and the user's secret key with attributes, so that they can support expressive access control policies. This dramatically reduces the network bandwidth cost and the sending node's operation cost in fine-grained access control for data sharing. ABE therefore has broad application prospects in the area of fine-grained access control. After analyzing the basic ABE system and its two variants, Key-Policy ABE (KP-ABE) and Ciphertext-Policy ABE (CP-ABE), this study elaborates on the research problems relating to ABE systems, including access structure design for CP-ABE, attribute key revocation, key abuse, and multi-authority ABE, with an extensive comparison of their functionality and performance. Finally, this study discusses the open problems and main research directions in ABE.

Key words: ABE, access control policy, revocation, key abuse, multi-authorities

ReleaseDate:2014-07-21 15:50:08


