Abstract
We propose a generic construction for fully secure decentralized multiauthority predicate encryption. In such multiauthority predicate encryption scheme, ciphertexts are associated with one or more predicates from various authorities and only if a user has a set of decryption keys that evaluates all predicates to true, the user is able to recover the message. In our decentralized system, anyone can create a new authority and issue decryption keys for their own predicates. We introduce the concept of a multi-authority admissible pair encoding scheme and, based on these encodings, we give a generic conversion algorithm that allows us to easily combine various predicate encryption schemes into a multi-authority predicate encryption variant. The resulting encryption schemes are proven fully secure under standard subgroup decision assumptions in the random oracle model. Finally, by instantiating several concrete multi-authority admissible pair encoding schemes and applying our conversion algorithm, we are able to create a variety of novel multi-authority predicate encryption schemes.
Highlights
Predicate encryption (PE) is a type of public-key encryption, where the outcome of decryption is controlled by a relation R
To support a variety of PE schemes for the use in a decentralized multi-authority predicate encryption (MA-PE) scheme, we introduce the concept of multi-authority admissible pair encoding schemes (MA-PESs)
We show that the concept of a multi-authority attribute-based encryption scheme can be generalized to a multi-authority predicate encryption (MA-PE) scheme for a variety of predicate families
Summary
Predicate encryption (PE) is a type of public-key encryption, where the outcome of decryption is controlled by a relation R. The first proposed MA-PE constructions [12,13,25] either require interaction between all authorities, or solely address the scalability problem and still require a master secret which can be used to decrypt all messages To address both problems at the same time, Lewko and Waters [21] proposed a decentralized scheme. The definition of an MA-PES is an extended variant of the recently introduced concept of pair encoding schemes (PESs) [2,3,5] Such a (multi-authority admissible) pair encoding scheme describes how a predicate can be encoded in an encryption scheme, without having to consider the group structure the scheme is instantiated in. The adversary receives a semifunctional challenge ciphertext and only semi-functional keys, meaning that the adversary has no chance in correctly decrypting the challenge ciphertext, and making it impossible for the adversary to gain a non-negligible advantage in winning the game
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call