Advertisement

Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability

  • Kai Zhang
  • Hui Li
  • Jianfeng Ma
  • Ximeng Liu
Research Paper

Abstract

Traceable multi-authority ciphertext-policy attribute-based encryption (CP-ABE) is a practical encryption method that can achieve user traceability and fine-grained access control simultaneously. However, existing traceable multi-authority CP-ABE schemes have two main limitations that prevent them from practical applications. First, these schemes only support small universe: the attributes must be fixed at system setup and the attribute space is restricted to polynomial size. Second, the schemes are either less expressive (the access policy is limited to “AND gates with wildcard”) or inefficient (the system is constructed in composite order bilinear groups). To address these limitations, we present a traceable large universe multi-authority CP-ABE scheme, and further prove that it is statically secure in the random oracle model. Compared with existing traceable multi-authority CP-ABE schemes, the proposed scheme has four advantages. First, the attributes are not fixed at setup and the attribute universe is not bounded to polynomial size. Second, the ciphertext polices can be expressed as any monotone access structures. Third, the proposed scheme is constructed in prime order groups, which makes this scheme more efficient than those in composite order bilinear groups. Finally, the proposed scheme requires neither a central authority nor an identity table for tracing.

Keywords

attribute-based encryption multi-authority ciphertext-policy traceability large universe 

Notes

Acknowledgments

This work was supported by National High Technology Research and Development Program of China (863 Program) (Grant No. 2015AA016007), Fundamental Research Funds for the Central Universities (Grant No. BDZ011402), China 111 Project (Grant No. B16037), and National Natural Science Foundation of China (Grant Nos. U1405255, 61472310).

References

  1. 1.
    Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, 2005. 457–473Google Scholar
  2. 2.
    Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 89–98Google Scholar
  3. 3.
    Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute based encryption. In: Proceedings of the 28th IEEE Symposium on Security and Privacy, Berkeley, 2007. 321–334Google Scholar
  4. 4.
    Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 456–465Google Scholar
  5. 5.
    Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 195–203Google Scholar
  6. 6.
    Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of the 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco and Nice, 2010. 62–91Google Scholar
  7. 7.
    Okamoto T, Takashima K. Fully secure functional encryption with general relations from the decisional linear assumption. In: Proceedings of the 30th International Cryptology Conference, Santa Barbara, 2010. 191–208Google Scholar
  8. 8.
    Waters B. Ciphertext-polic. attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 53–70Google Scholar
  9. 9.
    Chase M. Multi-authority attribute based encryption. In: Proceedings of the 4th Theory of Cryptography Conference, Amsterdam, 2007. 515–534CrossRefGoogle Scholar
  10. 10.
    Li J, Huang Q, Chen X, et al. Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, 2011. 386–390Google Scholar
  11. 11.
    Liu Z, Cao Z, Wong D. White-bo. traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans Inf Foren Secur, 2013, 8: 76–88CrossRefGoogle Scholar
  12. 12.
    Zhou J, Cao Z, Dong X, et al. TR-MABE: white-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems. In: Proceedings of the IEEE Conference on Computer Communications, Hong Kong, 2015. 2398–2406Google Scholar
  13. 13.
    Chase M, Chow S S M. Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 121–130Google Scholar
  14. 14.
    Lewko A, Waters B. Decentralizing attribute-based encryption. In: Proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 568–588Google Scholar
  15. 15.
    Ying Z B, Li H, Ma J F, et al. Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating. Sci China Inf Sci, 2016, 59: 042701CrossRefGoogle Scholar
  16. 16.
    Lewko A, Waters B. Unbounded HIBE and attribute-based encryption. In: Proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 547–567Google Scholar
  17. 17.
    Rouselakis Y, Waters B. Practical constructions and new proof methods for large universe attribute-based encryption. In: Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, 2013. 463–474Google Scholar
  18. 18.
    Rouselakis Y, Waters B. Efficient statically-secure large-universe multi-authority attribute-based encryption. In: Financial Cryptography and Data Security. Berlin: Springer, 2015. 315–332CrossRefGoogle Scholar
  19. 19.
    Hinek M J, Jiang S, Safavi-Naini R, et al. Attribute-based encryption without key cloning. Int J Appl Cryptogr, 2012, 2: 250–270MathSciNetCrossRefMATHGoogle Scholar
  20. 20.
    Ning J, Dong X, Cao Z, et al. White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes. IEEE Trans Inf Foren Secur, 2015, 10: 1274–1288CrossRefGoogle Scholar
  21. 21.
    Ning J, Dong X, Cao Z, et al. Accountable authority ciphertext-policy attribute-based encryption with white-box traceability and public auditing in the cloud. In: Proceedings of the European Symposium on Research in Computer Security, Vienna, 2015. 270–289Google Scholar
  22. 22.
    Liu Z, Cao Z, Wong D S. Traceable CP-ABE. how to trace decryption devices found in the wild. IEEE Trans Inf Foren Secur, 2015, 10: 55–68CrossRefGoogle Scholar
  23. 23.
    Li J, Ren K, Kim K. A2BE: accountable attribute-based encryption for abuse free access control. Cryptology ePrint Archive, Report 2009/118, 2009. https://eprint.iacr.org/2009/118Google Scholar
  24. 24.
    Wang Y T, Chen K F, Long Y, et al. Accountable authority key policy attribute-based encryption. Sci China Inf Sci, 2012, 55: 1631–1638MathSciNetCrossRefMATHGoogle Scholar
  25. 25.
    Ning J T, Cao Z F, Dong X L, et al. Traceable and revocable CP-ABE with shorter ciphertexts. Sci China Inf Sci, 2016, 59: 119102CrossRefGoogle Scholar
  26. 26.
    Beimel A. Secure scheme. for secret sharing and key distribution. Dissertation for Ph.D. Degree. Haifa: Technion-Israel Institute of Technology, 1996Google Scholar
  27. 27.
    Boneh D, Boyen X. Short signature. without random oracles and the SDH assumption in bilinear groups. J Crypt, 2008, 21: 149–177MATHGoogle Scholar

Copyright information

© Science China Press and Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  1. 1.School of Telecommunications EngineeringXidian UniversityXi’anChina
  2. 2.School of Cyber EngineeringXidian UniversityXi’anChina
  3. 3.School of Computer Science and TechnologyXidian UniversityXi’anChina
  4. 4.School of Information SystemsSingapore Management UniversitySingaporeSingapore

Personalised recommendations