Data Owner Based Attribute Based Encryption

Abstract

These years attribute based encryption (ABE) is a very hot research topic for its very flexible control on the encrypted content. Typically, there are three parties in an attribute based encryption system: PKG, User (Decrypter), Encrypter. The PKG (Private Key Generator) is responsible to generate secret keys for the User (Decrypter) according to the attributes (CP-ABE) or the policy (KP-ABE), then the Encrypter encrypts his content according to the policy (KP-ABE) or the attributes (CP-ABE), the User then decrypts the encrypted content using his secret keys. However, all the ABE schemes until now require the exist of PKG to generate secret keys for the User(Decrypter). We observe this i snot the only way to generate the secret keys, the encrypter also has the ability to generate "secret keys" for the User (Decrypter) by using the randomness which used in the encryption. We introduce a new variant of ABE: DO-ABE, which is almost the same as the traditional ABE except the secret keys generated by the encrypter. Compared with ABE, DO-ABE can easily achieve message-level based fine-grained control on the encrypted content, the key-escrow free property, easily message recoverable for the encrypter, while these properties are desirable in practical applications like cloud storage. We give two concrete KP-DO-ABE and CP-DO-ABE schemes, discuss its features compared with the traditional ABE and roughly analysis its security. Finally we conclude our paper with many interesting open problems.