Ciphertext-Policy Attribute-Based Broadcast Encryption with Small Keys

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9558)

Abstract

Broadcasting is a very efficient way to securely transmit information to a large set of geographically scattered receivers, and in practice, it is often the case that these receivers can be grouped in sets sharing common characteristics (or attributes). We describe in this paper an efficient ciphertext-policy attribute-based broadcast encryption scheme (CP-ABBE) supporting negative attributes and able to handle access policies in conjunctive normal form (CNF). Essentially, our scheme is a combination of the Boneh-Gentry-Waters broadcast encryption and of the Lewko-Sahai-Waters revocation schemes; the former is used to express attribute-based access policies while the latter is dedicated to the revocation of individual receivers. Our scheme is the first one that involves a public key and private keys having a size that is independent of the number of receivers registered in the system. Its selective security is proven with respect to the Generalized Diffie-Hellman Exponent (GDHE) problem on bilinear groups.

Keywords

Attribute-based encryption Broadcast encryption 

References

  1. 1.
    Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    Berkovits, S.: How to broadcast a secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)Google Scholar
  3. 3.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE-S&P 2007, pp. 321–334. IEEE Computer Society (2007)Google Scholar
  4. 4.
    Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer [11], pp. 440–456Google Scholar
  5. 5.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: Kilian [25], pp. 213–229Google Scholar
  6. 6.
    Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Waters, B.: A fully collusion resistant broadcast, trace, and revoke system. In: Proceedings of ACM-CCS 2006, pp. 211–220. Association for Computing Machinery, New York, NY, USA (2006)Google Scholar
  8. 8.
    Boneh, D., Waters, B., Zhandry, M.: Low overhead broadcast encryption from multilinear maps. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 206–223. Springer, Heidelberg (2014)Google Scholar
  9. 9.
    Burmester, M.: Group key agreement. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, pp. 520–526. Springer, New York (2011)Google Scholar
  10. 10.
    Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Cramer, R. (ed.): EUROCRYPT 2005. LNCS, vol. 3494. Springer, Heidelberg (2005)MATHGoogle Scholar
  12. 12.
    Delerablée, C., Paillier, P., Pointcheval, D.: Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Takagi, T., Okamoto, E., Okamoto, T., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 39–59. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Fadlullah, Z.M., Kato, N., Lu, R., Shen, X., Nozaki, Y.: Toward secure targeted broadcast in smart grid. IEEE Commun. Mag. 50(5), 150–156 (2012)CrossRefGoogle Scholar
  15. 15.
    Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  16. 16.
    Garg, S., Gentry, C., Halevi, S., Sahai, A., Waters, B.: Attribute-based encryption for circuits from multilinear maps. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 479–499. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  17. 17.
    Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  18. 18.
    Goodrich, M.T., Sun, J.Z., Tamassia, R.: Efficient tree-based revocation in groups of low-state devices. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 511–527. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 579–591. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    Halevy, D., Shamir, A.: The LSD broadcast encryption scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 47. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. 21.
    Hohenberger, S., Waters, B.: Attribute-based encryption with fast decryption. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 162–179. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  22. 22.
    Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 293–310. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  23. 23.
    Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2011)CrossRefGoogle Scholar
  24. 24.
    Junod, P., Karlov, A.: An efficient public-key attribute-based broadcast encryption scheme allowing arbitrary access policies. In: Proceedings of DRM, pp. 13–24. ACM (2010)Google Scholar
  25. 25.
    Kilian, J. (ed.): CRYPTO 2001. LNCS, vol. 2139. Springer, Heidelberg (2001)MATHGoogle Scholar
  26. 26.
    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  27. 27.
    Lewko, A.B., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: Proceedings of IEEE S&P, pp. 273–285. IEEE (2010)Google Scholar
  28. 28.
    Lewko, A.B., Waters, B.: Decentralizing attribute-based encryption. In: Paterson [36], pp. 568–588Google Scholar
  29. 29.
    Lewko, A.B., Waters, B.: Unbounded HIBE and attribute-based encryption. In: Paterson [36], pp. 547–567Google Scholar
  30. 30.
    Lewko, A.B., Waters, B.: New proof methods for attribute-based encryption: achieving full security through selective techniques. In: Safavi-Naini and Canetti [39], pp. 180–198Google Scholar
  31. 31.
    Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013)CrossRefGoogle Scholar
  32. 32.
    Li, Q., Zhang, F.: A fully secure attribute based broadcast encryption scheme. Int. J. Netw. Secur. 17(3), 263–271 (2015)Google Scholar
  33. 33.
    Lubicz, D., Sirvent, T.: Attribute-based broadcast encryption scheme made efficient. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 325–342. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  34. 34.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  35. 35.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Ning, P.., De Capitani di Vimercati, S., Syverson, P. F. (eds.) Proceedings of ACM-CCS, 2007 pp. 195–203. ACM (2007)Google Scholar
  36. 36.
    Paterson, K.G. (ed.): EUROCRYPT 2011. LNCS, vol. 6632. Springer, Heidelberg (2011)MATHGoogle Scholar
  37. 37.
    Phan, D.-H., Pointcheval, D., Shahandashti, S.F., Strefler, M.: Adaptive CCA broadcast encryption with constant-size secret keys and ciphertexts. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 308–321. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  38. 38.
    Rouselakis, Y., Waters, B.: Practical constructions and new proof methods for large universe attribute-based encryption. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds) Proceedings of ACM-CCS 2013, pp. 463–474. ACM (2013)Google Scholar
  39. 39.
    Safavi-Naini, R., Canetti, R. (eds.): CRYPTO 2012. LNCS, vol. 7417. Springer, Heidelberg (2012)MATHGoogle Scholar
  40. 40.
    Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini and Canetti [39], pp. 199–217Google Scholar
  41. 41.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer [11], pp. 457–473Google Scholar
  42. 42.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  43. 43.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  44. 44.
    Wesolowski, B., Junod, P.: Ciphertext-policy attribute-based broadcast encryption scheme with small keys. Cryptology ePrint Archive, Report 2015/836 (2015). http://eprint.iacr.org/2015/836
  45. 45.
    Zhou, Z., Huang, D.: On efficient ciphertext-policy attribute based encryption, broadcast encryption: extended abstract. In: Proceedings of ACM-CCS 2010, pp. 753–755. ACM (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.EPFLLausanneSwitzerland
  2. 2.University of Applied Sciences and Arts Western Switzerland (HES-SO/HEIG-VD)Yverdon-les-BainsSwitzerland

Personalised recommendations