Fully secure bandwidth‐efficient anonymous ciphertext‐policy attribute‐based encryption

Abstract

AbstractThe functionality of ciphertext‐policy attribute‐based encryption (CP‐ABE) enables the encryptor to encrypt the data for a group of users of his choice by incorporating an access policy over target receivers' attributes into encryption algorithm itself. This makes CP‐ABE systems appealing in several applications where complex access control is at prime concern, but incurs high communication and computation overheads which could impede its practical usage. Another limitation of CP‐ABE is that the ciphertext includes the access policy explicitly and, hence, anyone who has access to the ciphertext can identify all legitimate recipients of that ciphertext. This is not desirable for certain mission‐critical applications such as military operations. In order to alleviate these problems, we add privacy‐preserving property efficiently to CP‐ABE scheme via concealing the access policy partially. The encryption in our construction exploits monotone access policies over receivers' attributes and makes ciphertext size constant. The construction is fully secure and can achieve recipient anonymity as the ciphertext terms do not leak any information about recipients. The full semantic security with anonymity relies on dual‐system encryption technique in composite order bilinear groups. To the best of our knowledge, the proposed scheme is the firstconstruction in the anonymous ABE literature with the stated functionality. Copyright © 2015 John Wiley & Sons, Ltd.