Advertisement

Unbounded Dynamic Predicate Compositions in Attribute-Based Encryption

  • Nuttapong AttrapadungEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11476)

Abstract

We present several transformations that combine a set of attribute-based encryption (ABE) schemes for simpler predicates into a new ABE scheme for more expressive composed predicates. Previous proposals for predicate compositions of this kind, the most recent one being that of Ambrona et al. at Crypto’17, can be considered static (or partially dynamic), meaning that the policy (or its structure) that specifies a composition must be fixed at the setup. Contrastingly, our transformations are dynamic and unbounded: they allow a user to specify an arbitrary and unbounded-size composition policy right into his/her own key or ciphertext. We propose transformations for three classes of composition policies, namely, the classes of any monotone span programs, any branching programs, and any deterministic finite automata. These generalized policies are defined over arbitrary predicates, hence admitting modular compositions. One application from modularity is a new kind of ABE for which policies can be “nested” over ciphertext and key policies. As another application, we achieve the first fully secure completely unbounded key-policy ABE for non-monotone span programs, in a modular and clean manner, under the q-ratio assumption. Our transformations work inside a generic framework for ABE called symbolic pair encoding, proposed by Agrawal and Chase at Eurocrypt’17. At the core of our transformations, we observe and exploit an unbounded nature of the symbolic property so as to achieve unbounded-size policy compositions.

Notes

Acknowledgement

This work was partially supported by JST CREST Grant No. JPMJCR1688.

References

  1. 1.
    Agrawal, S., Chase, M.: A study of pair encodings: predicate encryption in prime order groups. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016-A. LNCS, vol. 9563, pp. 259–288. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49099-0_10CrossRefzbMATHGoogle Scholar
  2. 2.
    Agrawal, S., Chase, M.: Simplifying Design and Analysis of Complex Predicate Encryption Schemes. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 627–656. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56620-7_22CrossRefGoogle Scholar
  3. 3.
    Ambrona, M., Barthe, G., Schmidt, B.: Generic transformations of predicate encodings: constructions and applications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 36–66. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63688-7_2CrossRefGoogle Scholar
  4. 4.
    Attrapadung, N., Imai, H.: Dual-policy attribute based encryption. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 168–185. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01957-9_11CrossRefGoogle Scholar
  5. 5.
    Attrapadung, N.: Dual system encryption via doubly selective security: framework, fully secure functional encryption for regular languages, and more. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 557–577. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-55220-5_31CrossRefGoogle Scholar
  6. 6.
    Attrapadung, N.: Dual system encryption framework in prime-order groups via computational pair encodings. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 591–623. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53890-6_20CrossRefzbMATHGoogle Scholar
  7. 7.
    Attrapadung, N., Hanaoka, G., Yamada, S.: Conversions among several classes of predicate encryption and applications to ABE with various compactness tradeoffs. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 575–601. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48797-6_24CrossRefGoogle Scholar
  8. 8.
    Attrapadung, N., Hanaoka, G., Ogawa, K., Ohtake, G., Watanabe, H., Yamada, S.: Attribute-based encryption for range attributes. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 42–61. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-44618-9_3CrossRefzbMATHGoogle Scholar
  9. 9.
    Attrapadung, N., Libert, B., de Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 90–108. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19379-8_6CrossRefzbMATHGoogle Scholar
  10. 10.
    Attrapadung, N., Yamada, S.: Duality in ABE: converting attribute based encryption for dual predicate and dual policy via computational encodings. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 87–105. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16715-2_5CrossRefzbMATHGoogle Scholar
  11. 11.
    Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Israel Institute of Technology, Technion, Haifa, Israel (1996)Google Scholar
  12. 12.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE S&P 2007, pp. 321–334 (2007)Google Scholar
  13. 13.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random Oracles. J. Cryptol. 24(4), 659–693 (2011). Extended abstract in Eurocrypt 2004. LNCS, pp. 223–238 (2004)CrossRefGoogle Scholar
  14. 14.
    Boneh, D., Hamburg, M.: Generalized identity based and broadcast encryption schemes. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 455–470. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-89255-7_28CrossRefGoogle Scholar
  15. 15.
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_16CrossRefGoogle Scholar
  16. 16.
    Chen, J., Gay, R., Wee, H.: Improved dual system ABE in prime-order groups via predicate encodings. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 595–624. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46803-6_20CrossRefGoogle Scholar
  17. 17.
    Chen, J., Wee, H.: Fully, (almost) tightly secure IBE and dual system groups. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 435–460. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40084-1_25CrossRefGoogle Scholar
  18. 18.
    Chen, J., Gong, J., Kowalczyk, L., Wee, H.: Unbounded ABE via bilinear entropy expansion, revisited. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 503–534. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78381-9_19CrossRefGoogle Scholar
  19. 19.
    Delerablée, C.: Identity-based broadcast encryption with constant size ciphertexts and private keys. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 200–215. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-76900-2_12CrossRefGoogle Scholar
  20. 20.
    Gorbunov, S., Vaikuntanathan, V., Wee, H.: Attribute-based encryption for circuits. In: STOC 2013, pp. 545–554 (2013)Google Scholar
  21. 21.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM CCS 2006, pp. 89–98 (2006)Google Scholar
  22. 22.
    Karchmer, M., Wigderson, A.: On span programs. In: Proceedings of the Eighth Annual Structure in Complexity Theory Conference, pp. 102–111. IEEE (1993)Google Scholar
  23. 23.
    Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-11799-2_27CrossRefGoogle Scholar
  24. 24.
    Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_31CrossRefGoogle Scholar
  25. 25.
    Lewko, A., Waters, B.: Unbounded HIBE and Attribute-Based Encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 547–567. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_30CrossRefGoogle Scholar
  26. 26.
    Lewko, A., Waters, B.: New proof methods for attribute-based encryption: achieving full security through selective techniques. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 180–198. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_12CrossRefGoogle Scholar
  27. 27.
    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13190-5_4CrossRefGoogle Scholar
  28. 28.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: ACM CCS 2007, pp. 195–203 (2007)Google Scholar
  29. 29.
    Okamoto, T., Takashima, K.: Fully secure functional encryption with general relations from the decisional linear assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14623-7_11CrossRefGoogle Scholar
  30. 30.
    Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34961-4_22CrossRefGoogle Scholar
  31. 31.
    Rouselakis, Y., Waters, B.: Practical constructions and new proof methods for large universe attribute-based encryption. In: ACM CCS 2013, pp. 463–474 (2013)Google Scholar
  32. 32.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_27CrossRefGoogle Scholar
  33. 33.
    Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19379-8_4CrossRefGoogle Scholar
  34. 34.
    Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03356-8_36CrossRefGoogle Scholar
  35. 35.
    Waters, B.: Functional encryption for regular languages. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 218–235. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_14CrossRefGoogle Scholar
  36. 36.
    Wee, H.: Dual system encryption via predicate encodings. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 616–637. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54242-8_26CrossRefGoogle Scholar
  37. 37.
    Yamada, K., Attrapadung, N., Emura, K., Hanaoka, G., Tanaka, K.: Generic constructions for fully secure revocable attribute-based encryption. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017, Part II. LNCS, vol. 10493, pp. 532–551. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66399-9_29CrossRefGoogle Scholar
  38. 38.
    Yamada, S., Attrapadung, N., Hanaoka, G., Kunihiro, N.: A framework and compact constructions for non-monotonic attribute-based encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 275–292. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54631-0_16CrossRefGoogle Scholar
  39. 39.
    Yang, D., Wang, B., Ban, X.: Fully secure non-monotonic access structure CP-ABE scheme. In: KSII Transactions on Internet and Information Systems, pp. 1315–1329 (2018)Google Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  1. 1.National Institute of Advanced Industrial Science and Technology (AIST)TokyoJapan

Personalised recommendations