International Journal of Information Security

, Volume 17, Issue 4, pp 463–475 | Cite as

Flexible ciphertext-policy attribute-based encryption supporting AND-gate and threshold with short ciphertexts

  • Yinhao JiangEmail author
  • Willy Susilo
  • Yi Mu
  • Fuchun Guo
Regular Contribution


Ciphertext-policy attribute-based encryption (CP-ABE) is a very promising cryptographic primitive that allows a data owner to encrypt messages and manage access policies themselves. Most of the existing CP-ABE schemes suffer from efficiency drawbacks due to long ciphertexts, which impacts their adoption in applications where data are shared and stored. In this work, we aim to address this gap by proposing a CP-ABE which features constant-size ciphertext and supports access policies of an AND-gate and a threshold, which make ciphertext policies more expressive and applicable to many practical applications. Prior CP-ABE schemes with short ciphertexts such as that of Herranz et al. (in: Public key cryptography—PKC, Springer, 2010) only allow access policies to be a single AND-gate or a single threshold only. Combinations between these short CP-ABE constructions will result in systems insecure against collusion attacks, which makes the effort to enable access policies with an AND-gate and a threshold gate at the same time becomes very challenging. We present such a scheme that solves this drawback. Our scheme is efficient, expressive and secure. In our construction, the encryptor chooses two subsets of a certain universe of attributes \(S_1\), \(S_2\) with a threshold value \(t_1\) that only users who have at least \(t_1\) attributes in \(S_1\) and all attributes in \(S_2\) can decrypt the ciphertext. The scheme is proven secure against selective chosen plaintext attacks in the standard model by reduction to the augmented multi-sequence of exponents decisional Diffie–Hellman (aMSE-DDH) problem.


Attribute-based encryption Ciphertext policy Expressive Provable security Pairings 



This work is partially supported by ARC Project (DP130101383).


  1. 1.
    Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) Cryptography and Coding, pp. 278–300. Heidelberg, Berlin (2009)Google Scholar
  2. 2.
    Attrapadung, N., Libert, B.: Functional encryption for inner product: achieving constant-size ciphertexts with adaptive security or support for negation. In: Nguyen, P.Q., Pointcheval, D. (eds.) Public Key Cryptography–PKC 2010, pp. 384–402. Heidelberg, Berlin (2010)Google Scholar
  3. 3.
    Attrapadung, N., Libert, B., De Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) Public Key Cryptography–PKC 2011, pp. 90–108. Heidelberg, Berlin (2011)Google Scholar
  4. 4.
    Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Technion-Israel Institute of Technology, Faculty of Computer Science (1996)Google Scholar
  5. 5.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, 2007. SP’07, pp. 321–334. IEEE (2007)Google Scholar
  6. 6.
    Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) Advances in Cryptology–EUROCRYPT 2005, pp. 440–456. Heidelberg, Berlin (2005)Google Scholar
  7. 7.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) Advances in Cryptology CRYPTO 2001, pp. 213–229. Heidelberg, Berlin (2001)Google Scholar
  8. 8.
    Chen, C., Chen, J., Lim, H.W., Zhang, Z., Feng, D., Ling, S., Wang, H.: Fully secure attribute-based systems with short ciphertexts/signatures and threshold access structures. In: Dawson. (ed.) Topics in Cryptology–CT-RSA 2013, pp. 50–67. Heidelberg, Berlin (2013)Google Scholar
  9. 9.
    Chen, C., Zhang, Z., Feng, D.: Efficient ciphertext policy attribute-based encryption with constant-size ciphertext and constant computation-cost. In: Boyen, X., Chen, X. (eds.) Provable Security, pp. 84–101. Heidelberg, Berlin (2011)Google Scholar
  10. 10.
    Cheung,L., Newport, C.: Provably secure ciphertext policy abe. In: Proceedings of the 14th ACM Conference on Computer And Communications Security, pp. 456–465. ACM (2007)Google Scholar
  11. 11.
    Delerablée, C., Pointcheval, D.: Dynamic threshold public-key encryption. In: Wagner, D. (ed.) Advances in Cryptology–CRYPTO 2008, pp. 317–334. Heidelberg, Berlin (2008)Google Scholar
  12. 12.
    Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Bao, F., Li, H., Wang, G. (eds.) Information Security Practice and Experience, pp. 13–23. Heidelberg, Berlin (2009)Google Scholar
  13. 13.
    Ge, A., Zhang, R., Chen, C., Ma, C., Zhang, Z.: Threshold ciphertext policy attribute-based encryption with constant size ciphertexts. In: Susilo, W., Mu, Y., Seberry, J. (eds.) Information Security and Privacy, pp. 336–349. Heidelberg, Berlin (2012)Google Scholar
  14. 14.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)Google Scholar
  15. 15.
    Herranz, J., Laguillaumie, F., Ràfols, C.: Constant size ciphertexts in threshold attribute-based encryption. In: Nguyen, P.Q., Pointcheval, D. (eds.) Public Key Cryptography–PKC 2010, pp. 19–34. Heidelberg, Berlin (2010)Google Scholar
  16. 16.
    Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: Krawczyk, H. (ed.) Public-Key Cryptography–PKC 2014, pp. 293–310. Heidelberg, Berlin (2014)Google Scholar
  17. 17.
    Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2011)CrossRefGoogle Scholar
  18. 18.
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart, N. (ed.) Advances in Cryptology–EUROCRYPT 2008, pp. 146–162. Heidelberg, Berlin (2008)Google Scholar
  19. 19.
    Lai, J., Deng, R.H., Li, Y.: Expressive cp-abe with partially hidden access structures. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, pp. 18–19. ACM (2012)Google Scholar
  20. 20.
    Li, J., Huang, Q., Chen, X., Chow, S.S., Wong, D.S., Xie, D., Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Cheung, B., Hui, L.C.K., Sandhu, R., Wong, D.S. (eds.) Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 386–390. ACM, New York, USA (2011)Google Scholar
  21. 21.
    Li, J., Ren, K., Kim, K.: A2be: accountable attribute-based encryption for abuse free access control. IACR Cryptol. ePrint Arch. 2009, 118 (2009)Google Scholar
  22. 22.
    Li, J., Ren, K., Zhu, B., Wan, Z.: Privacy-aware attribute-based encryption with user accountability. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) Information Security, pp. 347–362. Heidelberg, Berlin (2009)Google Scholar
  23. 23.
    Li, Q., Xiong, H., Zhang, F., Zeng, S.: An expressive decentralizing kp-abe scheme with constant-size ciphertext. IJ Netw. Sec. 15(3), 161–170 (2013)Google Scholar
  24. 24.
    Liang, X., Lu, R., Lin, X., Shen, X.S., Ciphertext policy attribute based encryption with efficient revocation. Technical report, Technical Report, University of Waterloo, (2010)Google Scholar
  25. 25.
    Liu, Z., Cao, Z., Wong, D.: White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans. Inf. Forensics Sec. 8(1), 76–88 (2013)CrossRefGoogle Scholar
  26. 26.
    Liu, Z., Cao, Z., Wong. D.S.: Blackbox traceable cp-abe: how to catch people leaking their keys by selling decryption devices on ebay. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 475–486. ACM (2013)Google Scholar
  27. 27.
    Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) Advances in Cryptology-CRYPTO 2003, pp. 96–109. Heidelberg, Berlin (2003)Google Scholar
  28. 28.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, pp. 111–129. Heidelberg, Berlin (2008)Google Scholar
  29. 29.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 195–203. ACM (2007)Google Scholar
  30. 30.
    Rao, Y.S., Dutta, R.: Computationally efficient dual-policy attribute based encryption with short ciphertext. In: Susilo, W., Reyhanitabar, R. (eds.) Provable Security, pp. 288–308. Heidelberg, Berlin (2013)Google Scholar
  31. 31.
    Rao, Y.S., Dutta, R.: Recipient anonymous ciphertext-policy attribute based encryption. In: Bagchi, A., Ray, I. (eds.) Information Systems Security, pp. 329–344. Heidelberg, Berlin (2013)Google Scholar
  32. 32.
    Sahai, A., Waters, B., Fuzzy identity-based encryption. In: Cramer, R. (ed.) Advances in Cryptology–EUROCRYPT 2005, pp. 457–473. Heidelberg, Berlin (2005)Google Scholar
  33. 33.
    Tran, P.V.X., Dinh, T.N., Miyaji, A.: Efficient ciphertext-policy abe with constant ciphertext length. In: 2012 7th International Conference on Computing and Convergence Technology (ICCCT), pp. 543–549. IEEE (2012)Google Scholar
  34. 34.
    Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 261–270. ACM (2010)Google Scholar
  35. 35.
    Zhang, Y., Chen, X., Li, J., Wong, D.S., Li, H.: Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the 8th ACM SIGSAC symposium on Information, Computer and Communications Security, pp. 511–516. ACM (2013)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  1. 1.Centre for Computer and Information Security Research, School of Computing and Information TechnologyUniversity of WollongongWollongongAustralia

Personalised recommendations