Analysis of Ciphertext Policy Hidden Attribute-Based Encryption and Its Improved Method

  • Gongcheng HuEmail author
  • Leyou Zhang
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1105)


With people paying more attention to personal privacy protection, how to achieve fine-grained access control of data while protecting users’ privacy has become a hot research at present. A Ciphertext Policy Attribute-based Encryption (CP-ABE) with hiding policy is regarded as one of the most effective methods to solve above problem. Although many policy hidden CP-ABE schemes have been proposed, in this paper, we will show some of them fail to achieve the complete privacy-preserving. Hence two effective attacks are introduced at first, namely, the attack of attribute testing and the guessing attack of access policy. Then we show several known schemes can not resist these two attacks. Finally, an effective policy hidden CP-ABE scheme that can resist the above two attacks is proposed. And we also show it achieves full security in the standard model under static assumptions.


Policy hidden Privacy protection Ciphertext policy attribute-based encryption 


  1. 1.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). Scholar
  2. 2.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, Berkeley, CA, USA, pp. 1–14. IEEE (2007)Google Scholar
  3. 3.
    Goyal, V., Pandey, O., Sahai, A.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, pp. 89–98. ACM (2006)Google Scholar
  4. 4.
    Pirretti, M., Trayaor, P., Mcdaniel, P., Waters, B.: Secure attribute-based systems. In: Computer and Communications Security, New York, USA, pp. 99–112, ACM (2006)Google Scholar
  5. 5.
    Liu, L., Lai, J., Deng, R.H., Li, Y.: Ciphertext-policy attribute-based encryption with partially hidden access structure and its application to privacy-preserving electronic medical record system in cloud environment. Secur. Commun. Netw. 9(18), 4897–4913 (2016)CrossRefGoogle Scholar
  6. 6.
    Zhang, Y., Zheng, D., Deng, R.H.: Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet Things 5(3), 2130–2145 (2018)CrossRefGoogle Scholar
  7. 7.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. Appl. Cryptogr. Netw. Secur. 5037(3), 13–23 (2009)zbMATHGoogle Scholar
  8. 8.
    Malluhi Q.M., Shikfa A., Trinh V.C.: A ciphertext-policy attribute-based encryption scheme with optimized ciphertext size and fast decryption. In: ACM on Asia Conference on Computer and Communications Security, Abu Dhabi, United Arab Emirates, pp. 230–240. ACM (2017)Google Scholar
  9. 9.
    Zhang Y., Chen X., Li J.: Anonymous attribute-based encryption supporting efficient decryption test. In: ACM SIGSAC Symposium on Information, Computer and Communications Security, Hangzhou, China, pp. 511–516. ACM (2013)Google Scholar
  10. 10.
    Li, J., Wang, H., Zhang, Y., Shen, J.: Ciphertext-policy attribute-based encryption with hidden access policy and testing. KSII Trans. Internet Inf. Syst. 10(7), 3339–3352 (2016)Google Scholar
  11. 11.
    Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 13–23. Springer, Heidelberg (2009). Scholar
  12. 12.
    Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: 14th ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, pp. 456–465. ACM (2007)Google Scholar
  13. 13.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  14. 14.
    Lai, J., Deng, R.H., Li, Y.: Expressive CP-ABE with partially hidden access structures. In: 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Korea, pp. 18–19. ACM (2012)Google Scholar
  15. 15.
    Khan, F., Li, H., Zhang, L., Shen, J.: An expressive hidden access policy CP-ABE. In: IEEE Second International Conference on Data Science in Cyberspace, Shenzhen, China, pp. 178–186. IEEE (2017)Google Scholar
  16. 16.
    Yang, K., Han, Q., Li, H., Zheng, K., Shen, X.: An efficient and fine-grained big data access control scheme with privacy-preserving policy. IEEE Internet Things J. 4(2), 563–571 (2016)CrossRefGoogle Scholar
  17. 17.
    Zhang, L., Hu, G., Mu, Y.: Hidden ciphertext policy attribute-based encryption with fast decryption for personal health record system. IEEE Access 7(1), 33202–33213 (2019)CrossRefGoogle Scholar
  18. 18.
    Chaudhari, P., Das, M.L., Mathuria, A.: On anonymous attribute based encryption. Inf. Syst. Secur. 9478(1), 378–392 (2015)Google Scholar
  19. 19.
    Li, X., Gu, D., Ren, Y., Ding, N., Yuan, K.: Efficient ciphertext-policy attribute based encryption with hidden policy. In: Xiang, Y., Pathan, M., Tao, X., Wang, H. (eds.) IDCS 2012. LNCS, vol. 7646, pp. 146–159. Springer, Heidelberg (2012). Scholar
  20. 20.
    Wang, Z., He, M.: CP-ABE with hidden policy from waters efficient construction. Int. J. Distrib. Sens. Netw. 2016(11), 1–8 (2016)Google Scholar
  21. 21.
    Fu, X., Nie, X., Wu, T., Li, F.: Large universe attribute based access control with efficient decryption in cloud storage system. J. Syst. Softw. 135(4), 157–164 (2018)CrossRefGoogle Scholar
  22. 22.
    Yin, H., Zhang, L., Cui, Y.: An improved ciphertext policy hiding attribute-based encryption with testing. KSII Trans. Internet Inf. Syst. 10(7), 3339–3352 (2019) Google Scholar
  23. 23.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). Scholar
  24. 24.
    Li, Q., Zhang, F.: A fully secure attribute based broadcast encryption scheme. Int. J. Netw. Secur. 17(3), 263–271 (2015)Google Scholar
  25. 25.
    Cui, Y., Zhang, L.: Privacy preserving ciphertext-policy attribute-based broadcast encryption in smart city. J. China Univ. Posts Telecommun. 19(1), 21–31 (2019)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.School of Mathematics and StatisticsXidian UniversityXi’anChina

Personalised recommendations