research-article

Improving privacy and security in multi-authority attribute-based encryption

Authors:

Sherman S.M. ChowAuthors Info & Claims

CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

Pages 121 - 130

https://doi.org/10.1145/1653662.1653678

Published: 09 November 2009 Publication History

Abstract

Attribute based encryption (ABE) [13] determines decryption ability based on a user's attributes. In a multi-authority ABE scheme, multiple attribute-authorities monitor different sets of attributes and issue corresponding decryption keys to users, and encryptors can require that a user obtain keys for appropriate attributes from each authority before decrypting a message. Chase [5] gave a multi-authority ABE scheme using the concepts of a trusted central authority (CA) and global identifiers (GID). However, the CA in that construction has the power to decrypt every ciphertext, which seems somehow contradictory to the original goal of distributing control over many potentially untrusted authorities. Moreover, in that construction, the use of a consistent GID allowed the authorities to combine their information to build a full profile with all of a user's attributes, which unnecessarily compromises the privacy of the user. In this paper, we propose a solution which removes the trusted central authority, and protects the users' privacy by preventing the authorities from pooling their information on particular users, thus making ABE more usable in practice.

References

[1]

Mira Belenkiy, Jan Camenisch, Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, and Hovav Shacham. Randomizable Proofs and Delegatable Anonymous Credentials. In CRYPTO, LNCS. Springer, 2009. To appear.

Digital Library

[2]

John Bethencourt, Amit Sahai, and Brent Waters. Ciphertext-Policy Attribute-Based Encryption. In IEEE Symposium on Security and Privacy, pages 321--334. IEEE Computer Society, 2007.

Digital Library

[3]

Stefan Brands. Rethinking Public Key Infrastructure and Digital Certificates -- Building in Privacy. PhD thesis, Eindhoven Inst. of Tech. 1999.

Digital Library

[4]

Jan Camenisch and Anna Lysyanskaya. Efficient Non-transferable Anonymous Multi-show Credential System with Optional Anonymity Revocation. In EUROCRYPT 2001, volume 2045 of LNCS, pages 93--118. Springer Verlag, 2001.

Digital Library

[5]

Melissa Chase. Multi-authority Attribute Based Encryption. In TCC, volume 4392 of LNCS, pages 515--534. Springer, 2007.

Digital Library

[6]

Sherman S.M. Chow. Removing Escrow from Identity-Based Encryption. In Public Key Cryptography, volume 5443 of LNCS, pages 256--276. Springer, 2009.

Digital Library

[7]

Yevgeniy Dodis and Aleksandr Yampolskiy. A Verifiable Random Function with Short Proofs and Keys. In Public Key Cryptography, volume 3386 of LNCS, pages 416--431. Springer, 2005.

Digital Library

[8]

Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. In Computer and Communications Security, pages 89--98. ACM, 2006.

Digital Library

[9]

Stanislaw Jarecki and Xiaomin Liu. Efficient Oblivious Pseudorandom Function with Applications to Adaptive OT and Secure Computation of Set Intersection. In TCC, pages 577--594. Springer, 2009.

Digital Library

[10]

Huang Lin, Zhenfu Cao, Xiaohui Liang, and Jun Shao. Secure Threshold Multi Authority Attribute Based Encryption without a Central Authority. In INDOCRYPT, volume 5365 of LNCS, pages 426--436. Springer, 2008.

Digital Library

[11]

Moni Naor, Benny Pinkas, and Omer Reingold. Distributed Pseudo-random Functions and KDCs. In EUROCRYPT, volume 1592 of LNCS, pages 327--346. Springer, 1999.

Digital Library

[12]

Rafail Ostrovsky, Amit Sahai, and Brent Waters. Attribute-Based Encryption with Non-Monotonic Access Structures. In Computer and Communications Security, pages 195--203, 2007.

Digital Library

[13]

Amit Sahai and Brent Waters. Fuzzy Identity-Based Encryption. In EUROCRYPT, volume 3494 of LNCS, pages 457--473. Springer, 2005.

Digital Library

[14]

Adi Shamir. Identity-Based Cryptosystems and Signature Schemes. In CRYPTO, pages 47--53. Springer, 1984.

Digital Library

[15]

Brent Waters. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. Cryptology ePrint 2008/290.

Cited By

Huang MLiu YYang BZhao YZhang M(2024)Efficient Revocable Attribute-Based Encryption with Data Integrity and Key Escrow-FreeInformation10.3390/info1501003215:1(32)Online publication date: 7-Jan-2024
https://doi.org/10.3390/info15010032
Elhoseny MRiad K(2024)RT-PPS: Real-time privacy-preserving scheme for cloud-hosted IoT dataJournal of High Speed Networks10.3233/JHS-240096(1-20)Online publication date: 27-Sep-2024
https://doi.org/10.3233/JHS-240096
Jiang PLiu QZhu L(2024)SanIdea: Exploiting Secure Blockchain-Based Access Control via Sanitizable EncryptionIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334006619(1589-1600)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2023.3340066
Show More Cited By

Index Terms

Improving privacy and security in multi-authority attribute-based encryption
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

Multi-authority ciphertext-policy attribute-based encryption with accountability
ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

Attribute-based encryption (ABE) is a promising tool for implementing fine-grained cryptographic access control. Very recently, motivated by reducing the trust assumption on the authority, and enhancing the privacy of users, a multiple-authority key-...
Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles
ESORICS'11: Proceedings of the 16th European conference on Research in computer security

Recently Lewko and Waters proposed the first fully secure multi-authority ciphertext-policy attribute-based encryption (CP-ABE) system in the random oracle model, and leave the construction of a fully secure multi-authority CP-ABE in the standard model ...
A general construction for multi-authority attribute-based encryption
AICI'12: Proceedings of the 4th international conference on Artificial Intelligence and Computational Intelligence

An attribute-based encryption scheme is a scheme in which each user is identified by a set of attributes, and some function of those attributes is used to determine decryption ability for each ciphertext. But as an extension for identity-based ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

November 2009

664 pages

ISBN:9781605588940

DOI:10.1145/1653662

General Chair:
Ehab Al-Shaer
University of North Carolina, Charlotte, USA
,
Program Chairs:
Somesh Jha
University of Wisconsin, USA
,
Angelos D. Keromytis
Columbia University, USA and Symantec Research Labs Europe, France

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 November 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '09

Sponsor:

SIGSAC

CCS '09: 16th ACM Conference on Computer and Communications Security 2009

November 9 - 13, 2009

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

507
Total Citations
View Citations
3,284
Total Downloads

Downloads (Last 12 months)195
Downloads (Last 6 weeks)16

Reflects downloads up to 10 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Huang MLiu YYang BZhao YZhang M(2024)Efficient Revocable Attribute-Based Encryption with Data Integrity and Key Escrow-FreeInformation10.3390/info1501003215:1(32)Online publication date: 7-Jan-2024
https://doi.org/10.3390/info15010032
Elhoseny MRiad K(2024)RT-PPS: Real-time privacy-preserving scheme for cloud-hosted IoT dataJournal of High Speed Networks10.3233/JHS-240096(1-20)Online publication date: 27-Sep-2024
https://doi.org/10.3233/JHS-240096
Jiang PLiu QZhu L(2024)SanIdea: Exploiting Secure Blockchain-Based Access Control via Sanitizable EncryptionIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334006619(1589-1600)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2023.3340066
Fan HLi QXiong JLi RChen WHuang H(2024)Decentralized Access Control for Privacy-Preserving Cloud-Based Personal Health Record With Verifiable Policy UpdateIEEE Internet of Things Journal10.1109/JIOT.2024.336661111:9(16887-16901)Online publication date: 1-May-2024
https://doi.org/10.1109/JIOT.2024.3366611
Shen LKe ZShi JZhang XSun YZhao JWang XZhao X(2024)SPEFL: Efficient Security and Privacy-Enhanced Federated Learning Against Poisoning AttacksIEEE Internet of Things Journal10.1109/JIOT.2023.333963811:8(13437-13451)Online publication date: 15-Apr-2024
https://doi.org/10.1109/JIOT.2023.3339638
He XLi LPeng H(2024)A Key Escrow-Free KP-ABE Scheme and Its Application in Standalone Authentication in IoTIEEE Internet of Things Journal10.1109/JIOT.2023.332970311:7(11381-11394)Online publication date: 1-Apr-2024
https://doi.org/10.1109/JIOT.2023.3329703
Zhong ZYan HVoundi Koe ADeng WLi J(2024)Towards Key-Escrow Free Attribute-Based Encryption for Self-Sovereign Identity Systems2024 IEEE/ACM 32nd International Symposium on Quality of Service (IWQoS)10.1109/IWQoS61813.2024.10682908(1-10)Online publication date: 19-Jun-2024
https://doi.org/10.1109/IWQoS61813.2024.10682908
YANG S(2024)BDAE: A Blockchain-Based and Decentralized Attribute-Based Encryption Scheme for Secure Data SharingWuhan University Journal of Natural Sciences10.1051/wujns/202429322829:3(228-238)Online publication date: 3-Jul-2024
https://doi.org/10.1051/wujns/2024293228
Yang XLiu J(2024)HA-MedIET Information Security10.1049/2024/24982452024Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1049/2024/2498245
Walid RJoshi KChoi S(2024)Comparison of attribute-based encryption schemes in securing healthcare systemsScientific Reports10.1038/s41598-024-57692-w14:1Online publication date: 26-Mar-2024
https://doi.org/10.1038/s41598-024-57692-w
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents