Public Key Cryptography – PKC 2011

Volume 6571 of the series Lecture Notes in Computer Science pp 71-89

Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption

  • Shota YamadaAffiliated withThe University of Tokyo
  • , Nuttapong AttrapadungAffiliated withNational Institute of Advanced Industrial Science and Technology (AIST)
  • , Goichiro HanaokaAffiliated withNational Institute of Advanced Industrial Science and Technology (AIST)
  • , Noboru KunihiroAffiliated withThe University of Tokyo


In this paper we propose generic conversions for transforming a chosen-plaintext (CPA) secure attribute-based encryption (ABE) to a chosen-ciphertext (CCA) secure ABE. The only known generic conversion, to the best of our knowledge, was presented by Goyal et al. in ACM-CCS 2006, which itself subsumes the well-known IBE-to-PKE conversion by Canetti, Halevi, and Katz proposed in Eurocrypt 2004. The method by Goyal et al. has some restrictions that it assumes the delegatability of the original ABE and can deal only with the key-policy type of ABE with large attribute universe. In contrast, our methodology is applicable also to those ABE schemes without known delegatability. Furthermore, it works for both key-policy or ciphertext-policy flavors of ABE and can deal with both small and large universe scheme. More precisely, our method assumes only either delegatability or a newly introduced property called verifiability of ABE. We then exhaustively check the verifiability of existing ABE schemes and found that most of them satisfy such a property, hence CCA-secure versions of these schemes can be obtained automatically.