New Model and Construction of ABE: Achieving Key Resilient-Leakage and Attribute Direct-Revocation

  • Mingwu Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8544)


Attribute-Based Encryption allows for implementing fine-grained decentralized access control based on properties or attributes a user has, which has drawn attention for realizing decentralized access control in large and dynamic networks such as Mesh network, Internet of Things and cloud computing. However, in open networks, the attacker can blow the concrete implementation of cryptosystems, and then gain the internal secret states such as pseudo-random number, internal result and secret key to break the system. In this work, we first model a fine-grained attribute revocable (ciphertext-policy) attribute-based encryption in the presence of key leakage, and then give a concrete construction with security and resilient-leakage performance analysis. Our scheme is the first designing enjoying at the same time the following properties: (i) Support attribute direct revocation that does not affect any other user’s secret key. (ii) Tolerate the key of matching the challenge ciphertext to be partially revealed. (iii) Provide a key update mechanism to support continual leakage tolerance.


Attribute-based encryption key leakage attribute revocation leakage rate 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, S., Dodis, Y., Vaikuntanathan, V., Wichs, D.: On continual leakage of discrete log representations. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 401–420. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  2. 2.
    Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Attrapadung, N., Herranz, J., Laguillaumie, F., Libert, B., et al.: Attribute-based encryption schemes with constant-size ciphertexts. Theoretical Computer Sciences 422, 15–38 (2012)CrossRefzbMATHMathSciNetGoogle Scholar
  4. 4.
    Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM-CCS 2008, pp. 417–426 (2008)Google Scholar
  7. 7.
    Brakerski, Z., Goldwasser, S.: Circular and leakage resilient public-key encryption under subgroup indistinguishability. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 1–20. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V.: Overcoming the hole in the bucket: Publickey cryptography resilient to continual memory leakage. In: FOCS 2010, pp. 501–510 (2010)Google Scholar
  9. 9.
    Chow, S., Dodis, Y., Rouselakis, Y., Waters, B.: Practical leakage-resilient identity-based encryption from simple assumptions. In: ACM-CCS 2010, pp. 152–161 (2010)Google Scholar
  10. 10.
    Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient public-key cryptography in the presence of key leakage. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 613–631. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44–61. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. ACM-CCS 2006, pp. 89–98 (2006)Google Scholar
  13. 13.
    Han, J., Susilo, W., Mu, Y., Yan, J.: Attribute-based oblivious access control. Computer Journal 55(10), 1202–1215 (2012)CrossRefGoogle Scholar
  14. 14.
    Lewko, A.: Tools for simulating features of composite order bilinear groups in the prime order setting. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 318–335. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  15. 15.
    Lewko, A., Waters, B.: New proof methods for attribute-based encryption: achieving full security through selective techniques. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 180–198. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  16. 16.
    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  17. 17.
    Lewko, A., Rouselakis, Y., Waters, B.: Achieving leakage resilience through dual system encryption. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 70–88. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure hibe with short ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
    Polk, W.T., Dodson, D.F., Burr, W.E., Ferraiolo, H., Cooper, D.: Cryptographic algorithms and key sizes for personal identity verification. NIST Special Publication 800-78-3 (2010),
  20. 20.
    Naor, M., Segev, G.: Public-key cryptosystems resilient to key leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. 21.
    Sahai, A., Waters, B.: Fuzzy identity based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  22. 22.
    Wang, G., Liu, Q., Wu, J., Guo, M.: Hierarchical attribute-based encryption with scalable user revocation for data sharing in cloud servers. Computer and Security 30, 320–331 (2011)CrossRefGoogle Scholar
  23. 23.
    Wang, P., Feng, D., Zhang, L.: Towards attribute revocation in key-policy attribute based encryption. In: Lin, D., Tsudik, G., Wang, X. (eds.) CANS 2011. LNCS, vol. 7092, pp. 272–291. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  24. 24.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  25. 25.
    Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: ASIACCS 2010, pp. 261–270. ACM (2010)Google Scholar
  26. 26.
    Zhang, M., Shi, W., Wang, C., Chen, Z., Mu, Y.: Leakage-resilient attribute-based encryption with fast decryption: models, analysis and constructions. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 75–90. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  27. 27.
    Zhang, M., Yang, B., Takagi, T.: Bounded leakage-resilient functional encryption with hidden vector predicate. The Computer Journal 56(4), 464–477 (2013)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Mingwu Zhang
    • 1
    • 2
  1. 1.School of Computer SciencesHubei University of TechnologyWuhanChina
  2. 2.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingChina

Personalised recommendations