×

A framework and compact constructions for non-monotonic attribute-based encryption. (English) Zbl 1335.94084

Krawczyk, Hugo (ed.), Public-key cryptography – PKC 2014. 17th international conference on practice and theory in public-key cryptography, Buenos Aires, Argentina, March 26–28, 2014. Proceedings. Berlin: Springer (ISBN 978-3-642-54630-3/pbk). Lecture Notes in Computer Science 8383, 275-292 (2014).
Summary: In this paper, we propose new non-monotonic attribute-based encryption schemes with compact parameters. The first three schemes are key-policy attribute-based encryption (KP-ABE) and the fourth scheme is ciphertext-policy attribute-based encryption (CP-ABE) scheme.
\(\bullet\) Our first scheme achieves the shortest ciphertext overhead in the literature. Compared to the scheme by N. Attrapadung et al. [PKC 2011, Lect. Notes Comput. Sci. 6571, 90–108 (2011; Zbl 1291.94049)], which is the best scheme in terms of the ciphertext overhead, our scheme shortens ciphertext overhead by 33%. The scheme also reduces the size of the master public key to about half.
\(\bullet\) Our second scheme is proven secure under the decisional bilinear Diffie-Hellman (DBDH) assumption, which is one of the most standard assumptions in bilinear groups. Compared to the non-monotonic KP-ABE scheme from the same assumption by R. Ostrovsky et al. [Attribute-based encryption with non-monotonic access structures. 14th ACM Conference on Computer and Communications Security, CCS 2007, 195–203 (2007); doi:10.1145/1315245.1315270], our scheme reduces the size of the master public key and the ciphertext to about half.
\(\bullet\) Our third scheme is the first non-monotonic KP-ABE scheme that can deal with unbounded size of set and access policies. That is, there is no restriction on the size of attribute sets and the number of allowed repetition of the same attributes which appear in an access policy. The master public key of our scheme consists of only constant number of group elements.
\(\bullet\) Our fourth scheme is the first non-monotonic CP-ABE scheme that can deal with unbounded size of set and access policies. The master public key of the scheme consists of only constant number of group elements.
We construct our KP-ABE schemes in a modular manner. We first introduce special type of predicate encryption that we call two-mode identity based broadcast encryption (TIBBE). Then, we show that any TIBBE scheme that satisfies certain condition can be generically converted into non-monotonic KP-ABE scheme. Finally, we construct efficient TIBBE schemes and apply this conversion to obtain the above new non-monotonic KP-ABE schemes.
For the entire collection see [Zbl 1283.94002].

MSC:

94A60 Cryptography

Citations:

Zbl 1291.94049
PDFBibTeX XMLCite
Full Text: DOI