A Fully Secure KP-ABE Scheme on Prime-Order Bilinear Groups through Selective Techniques

Isaac Amankona Obiri,Emmanuel Boateng Sifah,Jianbin Gao,Kwame Omono Asamoah,Kwame Opuni-Boachie Obour Agyekum,Xiaosong Zhang,Hu Xia,Qi Xia,Savio Sciancalepore

doi:10.1155/2020/8869057

Abstract

Key-policy attribute-based encryption (KP-ABE) is the cryptographic primitive which enables fine grained access control while still providing end-to-end encryption. Although traditional encryption schemes can provide end-to-end encryption, users have to either share the same decryption keys or the data have to be stored in multiple instances which are encrypted with different keys. Both of these options are undesirable. However, KP-ABE can provide less key overhead compared to the traditional encryption schemes. While there are a lot of KP-ABE schemes, none of them simultaneously supports multiuse of attributes, adaptive security, monotone span programs, and static security assumption. Hence, we propose a fully secure KP-ABE scheme for monotone span programs in prime-order group. This scheme uses selective security proof techniques to obtain the requisite ingredients for full security proof. This strengthens the correlation between selective and full security models and enables the transition of the best qualities in selective security models to fully secure systems. The security proof is based on decisional linear assumption and three-party Diffie–Hellman assumption.

Highlights

Attribute-based encryption (ABE) is a public key cryptosystem which yields fine grained access control over ciphertext
In key-policy ABE (KP-ABE) construction for instance, a message is encrypted over attribute set such as “profession: nurse, sex: female, and institution: hospital A,” and keys are generated over access policy like “profession: nurse ∧ sex: female.” e decryption of a given ciphertext is feasible only if the attributes satisfy the access policy
Ciphertext-policy ABE (CP-ABE) construction is a dual version of KP-ABE scheme with the ciphertext and key attached to access policy and attributes, respectively [1,2,3]

Summary

Introduction

Attribute-based encryption (ABE) is a public key cryptosystem which yields fine grained access control over ciphertext. In the settings of IBE, the drawback of selective security was eliminated by giving the simulator the ability to “guess” a partition and terminate whenever the adversary exceeds its limit [10] If this approach is used in the ABE schemes, it will lead to exponential loss of security because the ABE scheme has a highly expressive access policy, which makes it difficult to identify a partition that is consistent with the partial power ordering of each key. Based on the known access policy, the simulator can embed a difficulty in the secret key from the semifunctional space and later annul this difficulty in the ciphertext.

Related Works

Preliminaries

Prime-Order KP-ABE Construction

Security Proof

Implementation and Evaluation

Conclusions