Practical Direct Chosen Ciphertext Secure Key-Policy Attribute-Based Encryption with Public Ciphertext Test
- Cite this paper as:
- Liu W., Liu J., Wu Q., Qin B., Zhou Y. (2014) Practical Direct Chosen Ciphertext Secure Key-Policy Attribute-Based Encryption with Public Ciphertext Test. In: Kutyłowski M., Vaidya J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham
We propose a direct Key-Policy Attribute-Based Encryption (KP-ABE) scheme with semantic security against adaptively chosen ciphertext attacks (CCA2) in the standard model. Compared with its counterpart with security against chosen-plaintext attacks (CPA), the cost of our scheme is only a Chameleon hash. In contrast to the Boyen-Mei-Waters shrink approach from CPA-secure (l + 1)-Hierarchical Identity Based Encryption ((l + 1)-HIBE) to CCA2-secure l-HIBE, our approach only adds one on-the-fly dummy attribute. Further, our approach only requires that the underlying ABE is selectively secure and allows public ciphertext test. A major obstacle for the security proof in this scenario is that the simulator cannot prepare the challenge ciphertext associated with the on-the-fly dummy attribute due to the selective security constraint. We circumvent this obstacle with a Chameleon hash. Technically, unlike existing use of Chameleon hash in (online/offline) signature applications, our work shows Chameleon hash can also have unique applications in encryption schemes.
KeywordsAttribute-Based Encryption Chameleon Hash Chosen Ciphertext Security
Unable to display preview. Download preview PDF.