×

zbMATH — the first resource for mathematics

Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. (English) Zbl 1341.68043
Summary: Attribute-based encryption (ABE) systems allow encrypting to uncertain receivers by means of an access policy specifying the attributes that the intended receivers should possess. ABE promises to deliver fine-grained access control of encrypted data. However, when data are encrypted using an ABE scheme, key management is difficult if there is a large number of users from various backgrounds. In this paper, we elaborate on ABE and propose a new versatile cryptosystem referred to as ciphertext-policy hierarchical ABE (CP-HABE). In a CP-HABE scheme, the attributes are organized in a matrix and the users having higher-level attributes can delegate their access rights to the users at a lower level. These features enable a CP-HABE system to host a large number of users from different organizations by delegating keys, e.g., enabling efficient data sharing among hierarchically organized large groups. We construct a CP-HABE scheme with short ciphertexts. The scheme is proven secure in the standard model under non-interactive assumptions.

MSC:
68P25 Data encryption (aspects in computer science)
94A60 Cryptography
PDF BibTeX XML Cite
Full Text: DOI
References:
[1] Abdalla, M.; Kiltz, E.; Neven, G., Generalized key delegation for hierarchical identity-based encryption, (ESORICS’07, (2007), Springer), 139-154
[2] A. Beimel, Secure Schemes for Secret Sharing and Key Distribution, PhD Thesis, Israel Institute of Technology, Technion, Haifa, Israel, 1996.
[3] Bethencourt, J.; Sahai, A.; Waters, B., Ciphertext-policy attribute-based encryption, (IEEE Symposium on Security and Privacy, (2007), IEEE), 321-334
[4] Boneh, D.; Boyen, X.; Goh, E., Hierarchical identity based encryption with constant size ciphertext, (EUROCRYPT’05, (2005), Springer), 440-456 · Zbl 1137.94340
[5] Boneh, D.; Franklin, M., Identity-based encryption from the Weil pairing, (CRYPTO’01, (2001), Springer), 213-229 · Zbl 1002.94023
[6] Boneh, D.; Goh, E.; Nissim, K., Evaluating 2-DNF formulas on ciphertexts, (TCC’05, (2005), Springer), 325-341 · Zbl 1079.94534
[7] Chase, M., Multi-authority attribute based encryption, (TCC’07, (2007), Springer), 515-534 · Zbl 1156.94339
[8] Chen, L.; Cheng, Z.; Smart, N. P., Identity-based key agreement protocols from pairings, Int. J. Inform. Sec., 6, 4, 213-241, (2007)
[9] Goyal, V.; Jain, A.; Pandey, O.; Sahai, A., Bounded ciphertext policy attribute based encryption, (ICALP’08, (2008), Springer), 579-591 · Zbl 1155.94369
[10] Goyal, V.; Pandey, O.; Sahai, A.; Waters, B., Attribute-based encryption for fine-grained access control of encrypted data, (ACM CCS’06, (2006), ACM Press), 89-98
[11] Green, M.; Ateniese, G., Identity-based proxy re-encryption, (ACNS’07, (2007), Springer), 288-306 · Zbl 1214.94045
[12] Hohenberger, S.; Waters, B., Attribute-based encryption with fast decryption, (PKC’13, (2013), Springer), 162-179 · Zbl 1314.94074
[13] Horwitz, J.; Lynn, B., Toward hierarchical identity-based encryption, (EUROCRYPT’02, (2002), Springer), 466-481 · Zbl 1056.94514
[14] Huang, Y. M.; Hsieh, M. Y.; Chao, H. C.; Hung, S. H.; Park, J. H.; Pervasive, Secure access to a hierarchical-based healthcare monitoring architecture in wireless heterogeneous sensor networks, IEEE J. Sel. Areas Commun. (JSAC), 27, 4, 400-411, (2009)
[15] Katz, J.; Sahai, A.; Waters, B., Predicate encryption supporting disjunctions, polynomial equations, and inner products, (EUROCRYPT’08, (2008), Springer), 146-162 · Zbl 1149.94323
[16] Lewko, A.; Okamoto, T.; Sahai, A.; Takashima, K.; Waters, B., Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption, (EUROCRYPT’10, (2010), Springer), 62-91 · Zbl 1279.94095
[17] Lewko, A.; Sahai, A.; Waters, B., Revocation systems with very small private keys, (IEEE Symposium on Security and Privacy, (2010), IEEE), 273-285
[18] Lewko, A.; Waters, B., New techniques for dual system encryption and fully secure HIBE with short ciphertexts, (TCC’10, (2010), Springer), 455-479 · Zbl 1274.94092
[19] Lewko, A.; Waters, B., Unbounded HIBE and attribute-based encryption, (EUROCRYPT’11, (2011), Springer), 547-567 · Zbl 1290.94105
[20] Lin, H.; Cao, Z.; Liang, X.; Shao, J., Secure threshold multi authority attribute based encryption without a central authority, Inform. Sci., 180, 13, 2618-2632, (2010) · Zbl 1191.94095
[21] Liu, S.; Long, Y.; Chen, K., Key updating technique in identity-based encryption, Inform. Sci., 181, 11, 2436-2440, (2011) · Zbl 1217.94101
[22] Okamoto, T.; Takashima, K., Hierarchical predicate encryption for inner-products, (ASIACRYPT’09, (2009), Springer), 214-231 · Zbl 1267.94089
[23] Okamoto, T.; Takashima, K., Fully secure functional encryption with general relations from the decisional linear assumption, (CRYPTO’10, (2010), Springer), 191-208 · Zbl 1280.94086
[24] Ostrovsky, R.; Sahai, A.; Waters, B., Attribute-based encryption with non-monotonic access structures, (ACM CCS’07, (2007), ACM Press), 195-203
[25] Qin, B.; Wu, Q.; Zhang, L.; Farràs, O.; Domingo-Ferrer, J., Provably secure threshold public-key encryption with adaptive security and short ciphertexts, Inform. Sci., 210, 67-80, (2012), (2011) · Zbl 1250.94042
[26] Sahai, A.; Waters, B., Fuzzy identity-based encryption, (EUROCRYPT’05, (2005), Springer), 457-473 · Zbl 1137.94355
[27] Shamir, A., Identity-based cryptosystems and signature schemes, (CRYPTO’84, (1984), Springer), 47-53 · Zbl 1359.94626
[28] Shao, J.; Cao, Z., Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption, Inform. Sci., 206, 83-95, (2012) · Zbl 1278.94059
[29] Wan, Z.; Liu, J.; Deng, R. H., HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing, IEEE Trans. Inform. Forensics Sec., 7, 2, 743-754, (2012)
[30] Wang, H.; Cao, Z.; Wang, L., Multi-use and unidirectional identity-based proxy re-encryption schemes, Inform. Sci., 180, 20, 4042-4059, (2010) · Zbl 1194.94194
[31] Wang, G.; Liu, Q.; Wu, J.; Guo, M., Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers, Comput. Sec., 30, 5, 320-331, (2011)
[32] Waters, B., Efficient identity-based encryption without random oracles, (EUROCRYPT’05, (2005), Springer), 114-127 · Zbl 1137.94360
[33] Waters, B., Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions, (CRYPTO’09, (2009), Springer), 619-636 · Zbl 1252.94101
[34] Waters, B., Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization, (PKC’11, (2011), Springer), 53-70 · Zbl 1291.94165
[35] Yu, J.; Hao, R.; Kong, F.; Cheng, X.; Fan, J.; Chen, Y., Forward-secure identity-based signature: security notions and construction, Inform. Sci., 181, 3, 648-660, (2011) · Zbl 1204.94094
[36] Zhang, L.; Wu, Q.; Qin, B.; Domingo-Ferrer, J., Provably secure one-round identity-based authenticated asymmetric group key agreement protocol, Inform. Sci., 181, 19, 4318-4329, (2011) · Zbl 1242.94033
[37] Zhou, L.; Chao, H. C.; Vasilakos, A. V., Joint forensics-scheduling strategy for delay-sensitive multimedia applications over heterogeneous networks, IEEE J. Sel. Areas Commun., 29, 7, 1358-1367, (2011)
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. It attempts to reflect the references listed in the original paper as accurately as possible without claiming the completeness or perfect precision of the matching.