On the Security of a Searchable Anonymous Attribute Based Encryption

  • Payal Chaudhari
  • Manik Lal Das
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 655)


Ciphertext Policy Attribute-based Encryption(CP-ABE) is a public key primitive in which a user is able to decrypt a ciphertext if the attributes associated with secret key and the access policy connected with ciphertext matches. Although CP-ABE provides both confidentiality and fine-grained access control to the data stored in public cloud, anonymous CP-ABE adds interesting feature of sender and/or receiver anonymity. In this paper, we discuss a recent work on anonymous CP-ABE [1], which aims to provide secure and efficient data retrieval anonymously. We show that the scheme has major security weakness and does not ensure anonymity feature, which is the main claim of the scheme. We then present an improved scheme for mitigating the weaknesses of the scheme. The improved scheme retains the security claims of the original scheme [1] without adding any computation and communication overhead.


Attribute based encryption Anonymity Confidentiality Access structure 


  1. 1.
    Koo, D., Hur, J., Yoon, H.: Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage. Comput. Electr. Eng. 39, 34–46 (2013)CrossRefGoogle Scholar
  2. 2.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi: 10.1007/11426639_27 CrossRefGoogle Scholar
  3. 3.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy (2007)Google Scholar
  4. 4.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 89–98 (2006)Google Scholar
  5. 5.
    Zhang, Y., Chen, X., Li, J., Wong, D.S., Li, H.: Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 511–516 (2013)Google Scholar
  6. 6.
    Kapadia, A., Tsang, P.P., Smith, S.W.: Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of Network and Distributed System Security Symposium, pp. 179–192 (2007)Google Scholar
  7. 7.
    Yu, S., Ren, K., Lou, W.: Attribute-based content distribution with hidden policy. In: Proceedings of the IEEE Workshop on Secure Network Protocols, pp. 39–44 (2008)Google Scholar
  8. 8.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Proceedings of Applied Cryptography and Network Security, pp. 111–129 (2008)Google Scholar
  9. 9.
    Li, J., Ren, K., Zhu, B., Wan, Z.: Privacy-aware attribute-based encryption with user accountability. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 347–362. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04474-8_28 CrossRefGoogle Scholar
  10. 10.
    Chaudhari, P., Das, M.L.: Cryptanalysis of searchable anonymous attribute based encryption. IACR Cryptology ePrint Archive 2016: 347 (2016)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2017

Authors and Affiliations

  1. 1.DA-IICTGandhinagarIndia
  2. 2.LDRPGandhinagarIndia

Personalised recommendations