Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption

  • Amit Sahai
  • Hakan Seyalioglu
  • Brent Waters
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7417)


Motivated by the question of access control in cloud storage, we consider the problem using Attribute-Based Encryption (ABE) in a setting where users’ credentials may change and ciphertexts may be stored by a third party. Our main result is obtained by pairing two contributions:
  • We first ask how a third party who is not trusted with secret key information can process a ciphertext to disqualify revoked users from decrypting data encrypted in the past. Our core tool is a new procedure called ciphertext delegation that allows a ciphertext to be ‘re-encrypted’ to a more restrictive policy using only public information.

  • Second, we study the problem of revocable attribute-based encryption. We provide the first fully secure construction by modifying an attribute-based encryption scheme due to Lewko et al. [9] and prove security in the standard model.

We then combine these two results for a new approach for revocation on stored data. Our scheme allows a storage server to update stored ciphertexts to disqualify revoked users from accessing data that was encrypted before the user’s access was revoked while key update broadcasts can dynamically revoke selected users.


Access Structure Access Policy Probabilistic Polynomial Time Security Game Query Phase 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aiello, W., Lodha, S.P., Ostrovsky, R.: Fast Digital Identity Revocation (Extended Abstract). In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 137–152. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. 2.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  3. 3.
    Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM CCS, pp. 417–426 (2008)Google Scholar
  4. 4.
    Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Gentry, C.: Certificate-Based Encryption and the Certificate Revocation Problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Goyal, V.: Certificate Revocation Using Fine Grained Certificate Space Partitioning. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 247–259. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Goyal, V., Lu, S., Sahai, A., Waters, B.: Black-box accountable authority identity-based encryption. In: CCS, pp. 427–436 (2008)Google Scholar
  8. 8.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: CCS, pp. 89–98 (2006)Google Scholar
  9. 9.
    Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  10. 10.
    Libert, B., Vergnaud, D.: Adaptive-ID Secure Revocable Identity-Based Encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 1–15. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Micali, S.: Efficient certificate revocation. LCS/TM 542b, Massachusetts Institute of Technology (1996)Google Scholar
  12. 12.
    Micali, S.: NOVOMODO: Scalable certificate validation and simplified PKI management. In: Proc. of 1st Annual PKI Research Workshop (2002)Google Scholar
  13. 13.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. ECCC (043) (2002)Google Scholar
  14. 14.
    Naor, M., Nissim, K.: Certificate revocation and certificate update. IEEE Journal on Selected Areas in Communications 18(4), 561–570 (2000)CrossRefGoogle Scholar
  15. 15.
    Okamoto, T., Takashima, K.: Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: CCS, p. 203 (2007)Google Scholar
  17. 17.
    Qian, J., Dong, X.: Fully secure revocable attribute-based encryption. Journal of Shanghai Jiaotong University (Science) 16(4), 490–496 (2011)CrossRefzbMATHGoogle Scholar
  18. 18.
    Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2012 2012

Authors and Affiliations

  • Amit Sahai
    • 1
  • Hakan Seyalioglu
    • 2
  • Brent Waters
    • 3
  1. 1.Department of Computer ScienceUCLALos AngelesUSA
  2. 2.Department of MathematicsUCLALos AngelesUSA
  3. 3.Department of Computer ScienceUniversity of Texas at AustinAustinUSA

Personalised recommendations