A Provably Secure Ciphertext-Policy Hierarchical Attribute-Based Encryption

  • Ziying Wang
  • Jian Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9483)


With the booming growth of network technology, the problems of information disclosure are becoming more and more serious. The attribute-based encryption has been one of hotspots for the advantage of fine-grained access control. In this paper, a provably secure ciphertext-policy hierarchical attribute-based encryption is proposed, which can satisfy the need of attribute hierarchy in attribute-based encryption and overcome the shortage of access control policies in the logic operations. We give a solution to the problem of hierarchical relationship between attributes in the same category in attribute-based encryption and provide a more expressive description of the access control structure. The security of the proposed CP-HABE scheme is proved in the standard model on the basis of decisional l parallel-BDHE assumption. Also the performance analysis is provided.


Attribute–based encryption Hierarchical attribute Ciphertext-policy Access control 



This work is partly supported by the Fundamental Research Funds for the Central Universities (No. NZ2015108), and the China Postdoctoral Science Foundation funded project (2015M571752), and the Jiangsu Planned Projects for Postdoctoral Research Funds (1402033C), and Open Project Foundation of Information Technology Research Base of Civil Aviation Administration of China(NO.CAAC-ITRB-201405).


  1. 1.
    Guo, L., Wang, J., Wu, H., Du, H.: eXtensible Markup Language access control model with filtering privacy based on matrix storage. IET Commun. 8, 1919–1927 (2014)CrossRefGoogle Scholar
  2. 2.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Li, J., Wang, Q., Wang, C., Ren, K.: Enhancing attribute-based encryption with attribute hierarchy. Mob. Netw. Appl. 16, 553–561 (2011)CrossRefGoogle Scholar
  4. 4.
    Wang, G., Liu, Q., Wu, J., Guo, M.: Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput. Secur. 30, 320–331 (2011)CrossRefGoogle Scholar
  5. 5.
    Wan, Z., Liu, J.E., Deng, R.H.: HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans. Inf. Forensics Secur. 7, 743–754 (2012)CrossRefGoogle Scholar
  6. 6.
    Liu, X., Xia, Y., Jiang, S., Xia, F., Wang, Y.: Hierarchical attribute-based access control with authentication for outsourced data in cloud computing. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 477–484. IEEE (2013)Google Scholar
  7. 7.
    Deng, H., Wu, Q., Qin, B., Domingo-Ferrer, J., Zhang, L., Liu, J., Shi, W.: Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Inf. Sci. 275, 370–384 (2014)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)Google Scholar
  9. 9.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, 2007, SP 2007, pp. 321–334. IEEE (2007)Google Scholar
  10. 10.
    Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 456–465. ACM (2007)Google Scholar
  11. 11.
    Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded ciphertext policy attribute based encryption. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 579–591. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Kapadia, A., Tsang, P.P., Smith, S.W.: Attribute-based publishing with hidden credentials and hidden policies. In: NDSS, pp. 179–192 (2007)Google Scholar
  13. 13.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Balu, A., Kuppusamy, K.: An expressive and provably secure ciphertext-policy attribute-based encryption. Inf. Sci. 276, 354–362 (2014)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Damgård, I.B., Thorbek, R.: Linear integer secret sharing and distributed exponentiation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 75–90. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.College of Computer Science and TechnologyNanjing University of Aeronautics and AstronauticsNanjingChina
  2. 2.Information Technology Research Base of Civil Aviation Administration of ChinaCivil Aviation University of ChinaTianjinChina

Personalised recommendations