• PDF / 2,202,836 Bytes
• 33 Pages / 439.37 x 666.142 pts Page_size
• 23 Downloads / 225 Views

DOWNLOAD

REPORT

Abstract. We propose a new generic framework for achieving fully secure attribute based encryption (ABE) in prime-order bilinear groups. Previous generic frameworks by Wee (TCC’14) and Attrapadung (Eurocrypt’14) were given in composite-order bilinear groups. Both provide abstractions of dual-system encryption techniques introduced by Waters (Crypto’09). Our framework can be considered as a prime-order version of Attrapadung’s framework and works in a similar manner: it relies on a main component called pair encodings, and it generically compiles any secure pair encoding scheme for a predicate in consideration to a fully secure ABE scheme for that predicate. One feature of our new compiler is that although the resulting ABE schemes will be newly defined in prime-order groups, we require essentially the same security notions of pair encodings as before. Beside the security of pair encodings, our framework assumes only the Matrix Diffie-Hellman assumption (Escala et al., Crypto’13), which includes the Decisional Linear assumption as a special case. Recently and independently, prime-order frameworks are proposed also by Chen et al. (Eurocrypt’15), and Agrawal and Chase (TCC’16-A). The main difference is that their frameworks can deal only with informationtheoretic encodings, while ours can also deal with computational ones, which admit wider applications. We demonstrate our applications by obtaining the first fully secure prime-order realizations of ABE for regular languages, ABE for monotone span programs with short-ciphertext, shortkey, or completely unbounded property, and ABE for branching programs with short-ciphertext, short-key, or unbounded property. Keywords: Attribute-based encryption groups

1

·

Full security

·

Prime-order

Introduction

Attribute based encryption (ABE), initiated by Sahai and Waters [40], is an emerging paradigm that extends beyond normal public-key encryption. In an ABE scheme for predicate R : X × Y → {0, 1}, a ciphertext is associated with a ciphertext attribute, say, Y ∈ Y, while a key is associated with a key attribute, c International Association for Cryptologic Research 2016  J.H. Cheon and T. Takagi (Eds.): ASIACRYPT 2016, Part II, LNCS 10032, pp. 591–623, 2016. DOI: 10.1007/978-3-662-53890-6 20

592

N. Attrapadung

say, X ∈ X, and the decryption is possible if and only if R(X, Y ) = 1.1 In KeyPolicy (KP) type, X is a set of Boolean functions (often called policies), while Y is a set of inputs to functions, and we define R(f, x) = f (x). Ciphertext-Policy (CP) type is the dual of KP where the roles of X and Y are swapped (that is, policies are associated to ciphertexts). Besides direct applications of finegrained access control [21], ABE is also known to imply verifiable computation outsourcing [38]. The standard security requirement for ABE is full security, where an adversary is allowed to adaptively query keys for any attribute X as long as R(X, Y ) = 0, where Y is an adversarially chosen attribute for a challenge ciphertext. Dual system encryption techniques introduced by Waters

Recommend Documents

Leakage-Resilient Functional Encryption via Pair Encodings

183 21 341KB

Attribute-Hiding Predicate Encryption in Bilinear Groups, Revisited

158 96 581KB

Secure keyword search using dual encryption in cloud computing

169 117 1MB

On Pseudorandom Encodings

170 105 14MB

Distributed MPC Via Dual Decomposition

173 36 368KB

Macro Discourse Relation Recognition via Discourse Argument Pair Graph

167 13 36MB

An Encryption System for Securing Physical Signals

164 24 34MB

Latent Space Clustering via Dual Discriminator GAN

212 45 53MB

Video encryption based on hyperchaotic system

174 65 3MB

A Secure Keyword Ordered Multiuser Searchable Encryption Framework

156 79 267KB

A Computational Framework for Multilevel Morphologies

147 97 1MB

CCDSF: A Computational Creative Design Systems Framework

171 16 2MB