Abstract
Attribute-based encryption (ABE) schemes provide a fine-grained access control mechanism over encrypted data, and are useful for cloud online-storage services, or Pay-TV systems and so on. To apply ABE for such services, key exposure protection mechanisms are necessary. Unfortunately, standard security notions of ABE offer no protection against key exposure. One solution to this problem is to give forward security to ABE schemes. In forward secure cryptographic schemes, even if a secret key is exposed, messages encrypted during all time periods prior to the key leak remain secret. In this paper we propose an efficient Forward Secure Ciphertext-Policy Attribute-Based Encryption (FS-CP-ABE) which is efficient and fully secure. To construct efficient FS-CP-ABE, we first introduce a new cryptographic primitive called Ciphertext-Policy Attribute-Based Encryption with Augmented Hierarchy (CP-ABE-AH). Intuitively, CP-ABE-AH is an encryption scheme with both hierarchical identity based encryption and CP-ABE properties. Then we show that FS-CP-ABE can be constructed from CP-ABE-AH generically. We give the security definition of FS-CP-ABE, and security proofs based on three complexity assumptions. The size of public parameter is \(O(\log T)\), and the secret key size is \(O(\log ^2 T)\) where T is the number of time slots.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Attrapadung, N., Furukawa, J., Imai, H.: Forward-secure and searchable broadcast encryption with short ciphertexts and private keys. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 161–177. Springer, Heidelberg (2006)
Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009)
Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Israel Institute of Technology, Haifa, Israel (1996)
Boneh, D., Boyen, X., Goh, E.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)
Boneh, D., Hamburg, M.: Generalized identity based and broadcast encryption schemes. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 455–470. Springer, Heidelberg (2008)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy 2007, pp. 321–334 (2007)
Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communication Security (CCS 2006), pp. 89–98. ACM (2006)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)
Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)
Wang, Z., Yao D., Feng R.: Adaptive key protection in complex cryptosystems with attributes. In: IACR Cryptology ePrint Archive 2012/136, (2012)
Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009)
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)
Yao, D., Fazio, N., Dodis, Y., Lysyanskaya, A.: ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 354–363. ACM (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kitagawa, T., Kojima, H., Attrapadung, N., Imai, H. (2015). Efficient and Fully Secure Forward Secure Ciphertext-Policy Attribute-Based Encryption. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science(), vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-27659-5_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27658-8
Online ISBN: 978-3-319-27659-5
eBook Packages: Computer ScienceComputer Science (R0)