Hiding the Policy in Cryptographic Access Control

  • Sascha Müller
  • Stefan Katzenbeisser
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7170)


Recently, cryptographic access control has received a lot of attention, mainly due to the availability of efficient Attribute-Based Encryption (ABE) schemes. ABE allows to get rid of a trusted reference monitor by enforcing access rules in a cryptographic way. However, ABE has a privacy problem: The access policies are sent in clear along with the ciphertexts. Further generalizing the idea of policy-hiding in cryptographic access control, we introduce policy anonymity where – similar to the well-understood concept of k-anonymity – the attacker can only see a large set of possible policies that might have been used to encrypt, but is not able to identify the one that was actually used. We show that using a concept from graph theory we can extend a known ABE construction to achieve the desired privacy property.


Access control privacy tree majors abe anonymity hidden policies 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  2. 2.
    Bille, P.: A survey on tree edit distance and related problems. Theor. Comput. Sci. 337(1-3), 217–239 (2005)MathSciNetzbMATHCrossRefGoogle Scholar
  3. 3.
    Boneh, D., Waters, B.: Conjunctive, Subset, and Range Queries on Encrypted Data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Cheung, L., Newport, C.C.: Provably secure ciphertext policy ABE. In: Ning, P., di Vimercati, S.D.C., Syverson, P.F. (eds.) ACM Conference on Computer and Communications Security, pp. 456–465. ACM (2007)Google Scholar
  5. 5.
    Ciriani, V., di Vimercati, S.D.C., Foresti, S., Samarati, P.: k-anonymity. In: Yu, T., Jajodia, S. (eds.) Secure Data Management in Decentralized Systems. Advances in Information Security, vol. 33, pp. 323–353. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  6. 6.
    Frikken, K.B., Li, J., Atallah, M.J.: Trust negotiation with hidden credentials, hidden policies, and policy cycles. In: NDSS. The Internet Society (2006)Google Scholar
  7. 7.
    Katz, J., Sahai, A., Waters, B.: Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Matula, D.W.: On the number of subtrees of a symmetric n-ary tree. SIAM Journal on Applied Mathematics 18(3), 668–703 (1970)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Müller, S., Katzenbeisser, S.: Hiding the policy in cryptographic access control. Technical report (2011),
  11. 11.
    Müller, S., Katzenbeisser, S.: A new DRM architecture with strong enforcement. In: ARES, pp. 397–403. IEEE Computer Society (2010)Google Scholar
  12. 12.
    Müller, S., Katzenbeisser, S., Eckert, C.: On multi-authority ciphertext-policy attribute-based encryption. Bulletin of the Korean Mathematical Society (B-KMS) 46(4), 803–819 (2009)zbMATHCrossRefGoogle Scholar
  13. 13.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden ciphertext policies. IEICE Transactions 92-A(1), 22–32 (2009)Google Scholar
  14. 14.
    Nishimura, N., Ragde, P., Thilikos, D.M.: Finding Smallest Supertrees under Minor Containment. In: Widmayer, P., Neyer, G., Eidenbenz, S. (eds.) WG 1999. LNCS, vol. 1665, pp. 303–312. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  15. 15.
    Riesen, K., Bunke, H.: Approximate graph edit distance computation by means of bipartite graph matching. Image Vision Comput. 27(7), 950–959 (2009)CrossRefGoogle Scholar
  16. 16.
    Rosselló, F., Valiente, G.: An algebraic view of the relation between largest common subtrees and smallest common supertrees. CoRR, abs/cs/0604108 (2006)Google Scholar
  17. 17.
    Sahai, A., Seyalioglu, H.: Worry-free encryption: functional encryption with public keys. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 463–472. ACM, New York (2010)Google Scholar
  18. 18.
    Serjantov, A., Danezis, G.: Towards an Information Theoretic Metric for Anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  19. 19.
    Shi, E., Bethencourt, J., Chan, H.T.-H., Song, D.X., Perrig, A.: Multi-dimensional range query over encrypted data. In: IEEE Symposium on Security and Privacy, pp. 350–364 (2007)Google Scholar
  20. 20.
    Smart, N.P.: Access Control using Pairing Based Cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 111–121. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Valiente, G.: Constrained tree inclusion. J. Discrete Algorithms 3(2-4), 431–447 (2005)MathSciNetzbMATHCrossRefGoogle Scholar
  22. 22.
    Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: The 14th IACR International Conference on Practice and Theory of Public Key Cryptography, PKC (March 2008)Google Scholar
  23. 23.
    Yu, S., Ren, K., Lou, W.: Attribute-based content distribution with hidden policy. In: Secure Network Protocols, NPSEC 2008 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Sascha Müller
    • 1
  • Stefan Katzenbeisser
    • 1
  1. 1.Security Engineering GroupTechnische Universität Darmstadt &, Center for Advanced Security Research Darmstadt (CASED)Germany

Personalised recommendations