Advertisement

Generic Constructions for Fully Secure Revocable Attribute-Based Encryption

  • Kotoko Yamada
  • Nuttapong Attrapadung
  • Keita Emura
  • Goichiro Hanaoka
  • Keisuke Tanaka
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)

Abstract

Attribute-based encryption (ABE) is a cryptographic primitive that realizes fine-grained access control. Due to its attractive functionality, several systems based on ABE have been widely constructed so far. In such cryptographic systems, revocation functionality is indispensable in practice to handle withdrawal of users, secret key exposure, and others. While many ABE schemes with various functionalities have been proposed, only a few of these are revocable ABE (RABE). In this paper, we propose two generic constructions of RABE from ABE. Our first construction employs the pair encoding framework (Attrapadung, EUROCRYPT 2014), and combines identity-based revocation and ABE via the generic conjunctive conversion of Attrapadung and Yamada (CT-RSA 2015). Our second construction directly converts ABE to RABE when ABE supports Boolean formulae. Since our constructions preserve functionalities of the underlying ABE, we can instantiate various fully secure RABE schemes for the first time, e.g., supporting regular languages, with unbounded attribute size and policy structure, and with constant-size ciphertext and secret key.

Notes

Acknowledgement

The authors would like to thank members of Shin-Akarui-Angou-Benkyou-Kai for their helpful comments. This work was partially supported by Input Output Hong Kong, I-System, Nomura Research Institute, NTT Secure Platform Laboratories, JST CREST JPMJCR14D6, JST OPERA, and JSPS KAKENHI Grant Numbers JP16K00198, JP16H01705, JP17H01695. This paper is based on results obtained from a project commissioned by the New Energy and Industrial Technology Development Organization (NEDO).

References

  1. 1.
    Agrawal, S., Chase, M.: A study of pair encodings: predicate encryption in prime order groups. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 259–288. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49099-0_10CrossRefGoogle Scholar
  2. 2.
    Attrapadung, N.: Dual system encryption via doubly selective security: framework, fully secure functional encryption for regular languages, and more. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 557–577. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-55220-5_31CrossRefGoogle Scholar
  3. 3.
    Attrapadung, N.: Dual system encryption framework in prime-order groups via computational pair encodings. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 591–623. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53890-6_20CrossRefGoogle Scholar
  4. 4.
    Attrapadung, N., Hanaoka, G., Yamada, S.: A framework for identity-based encryption with almost tight security. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 521–549. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48797-6_22CrossRefGoogle Scholar
  5. 5.
    Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) IMACC 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-10868-6_17CrossRefGoogle Scholar
  6. 6.
    Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-03298-1_16CrossRefGoogle Scholar
  7. 7.
    Attrapadung, N., Libert, B.: Functional encryption for inner product: achieving constant-size ciphertexts with adaptive security or support for negation. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 384–402. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13013-7_23CrossRefGoogle Scholar
  8. 8.
    Attrapadung, N., Libert, B., Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 90–108. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-19379-8_6CrossRefGoogle Scholar
  9. 9.
    Attrapadung, N., Yamada, S.: Duality in ABE: converting attribute based encryption for dual predicate and dual policy via computational encodings. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 87–105. Springer, Cham (2015). doi: 10.1007/978-3-319-16715-2_5Google Scholar
  10. 10.
    Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM Conference on Computer and Communications Security 2008, pp. 417–426 (2008)Google Scholar
  11. 11.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). doi: 10.1007/3-540-44647-8_13CrossRefGoogle Scholar
  12. 12.
    Boneh, D., Hamburg, M.: Generalized identity based and broadcast encryption schemes. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 455–470. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-89255-7_28CrossRefGoogle Scholar
  13. 13.
    Datta, P., Dutta, R., Mukhopadhyay, S.: General circuit realizing compact revocable attribute-based encryption from multilinear maps. In: Lopez, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 336–354. Springer, Cham (2015). doi: 10.1007/978-3-319-23318-5_19CrossRefGoogle Scholar
  14. 14.
    Datta, P., Dutta, R., Mukhopadhyay, S.: Adaptively secure unrestricted attribute-based encryption with subset difference revocation in bilinear groups of prime order. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 325–345. Springer, Cham (2016). doi: 10.1007/978-3-319-31517-1_17CrossRefGoogle Scholar
  15. 15.
    Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-44993-5_5CrossRefGoogle Scholar
  16. 16.
    Escala, A., Herold, G., Kiltz, E., Ràfols, C., Villar, J.: An algebraic framework for diffie-hellman assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 129–147. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40084-1_8CrossRefGoogle Scholar
  17. 17.
    Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002). doi: 10.1007/3-540-36178-2_34CrossRefGoogle Scholar
  18. 18.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security 2006, pp. 89–98 (2006)Google Scholar
  19. 19.
    Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002). doi: 10.1007/3-540-46035-7_31CrossRefGoogle Scholar
  20. 20.
    Jun-Lei, Q., Xiao-Lei, D.: Fully secure revocable attribute-based encryption. J. Shanghai Jiaotong Univ. (Sci.) 16, 490–496 (2011)CrossRefzbMATHGoogle Scholar
  21. 21.
    Lewko, A.B., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy 2010, pp. 273–285 (2010)Google Scholar
  22. 22.
    Lewko, A., Waters, B.: Unbounded HIBE and attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 547–567. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-20465-4_30CrossRefGoogle Scholar
  23. 23.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). doi: 10.1007/3-540-44647-8_3CrossRefGoogle Scholar
  24. 24.
    Okamoto, T., Takashima, K.: Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_11CrossRefGoogle Scholar
  25. 25.
    Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-34961-4_22CrossRefGoogle Scholar
  26. 26.
    Rouselakis, Y., Waters, B.: Practical constructions and new proof methods for large universe attribute-based encryption. In: ACM Conference on Computer and Communications Security 2013, pp. 463–474 (2013)Google Scholar
  27. 27.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi: 10.1007/11426639_27CrossRefGoogle Scholar
  28. 28.
    Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36362-7_14CrossRefGoogle Scholar
  29. 29.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). doi: 10.1007/3-540-39568-7_5CrossRefGoogle Scholar
  30. 30.
    Shi, Y., Zheng, Q., Liu, J., Han, Z.: Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation. Inf. Sci. 295, 221–231 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Waters, B.: Functional encryption for regular languages. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 218–235. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32009-5_14CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Kotoko Yamada
    • 1
    • 2
  • Nuttapong Attrapadung
    • 2
  • Keita Emura
    • 3
  • Goichiro Hanaoka
    • 2
  • Keisuke Tanaka
    • 1
  1. 1.Tokyo Institute of TechnologyTokyoJapan
  2. 2.National Institute of Advanced Industrial Science and Technology (AIST)TokyoJapan
  3. 3.National Institute of Information and Communications Technology (NICT)TokyoJapan

Personalised recommendations