Efficient and Fully Secure Forward Secure Ciphertext-Policy Attribute-Based Encryption
Attribute-based encryption (ABE) schemes provide a fine-grained access control mechanism over encrypted data, and are useful for cloud online-storage services, or Pay-TV systems and so on. To apply ABE for such services, key exposure protection mechanisms are necessary. Unfortunately, standard security notions of ABE offer no protection against key exposure. One solution to this problem is to give forward security to ABE schemes. In forward secure cryptographic schemes, even if a secret key is exposed, messages encrypted during all time periods prior to the key leak remain secret. In this paper we propose an efficient Forward Secure Ciphertext-Policy Attribute-Based Encryption (FS-CP-ABE) which is efficient and fully secure. To construct efficient FS-CP-ABE, we first introduce a new cryptographic primitive called Ciphertext-Policy Attribute-Based Encryption with Augmented Hierarchy (CP-ABE-AH). Intuitively, CP-ABE-AH is an encryption scheme with both hierarchical identity based encryption and CP-ABE properties. Then we show that FS-CP-ABE can be constructed from CP-ABE-AH generically. We give the security definition of FS-CP-ABE, and security proofs based on three complexity assumptions. The size of public parameter is \(O(\log T)\), and the secret key size is \(O(\log ^2 T)\) where T is the number of time slots.
KeywordsEncryption Scheme Access Structure Randomized Algorithm Public Parameter Complexity Assumption
- 3.Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Israel Institute of Technology, Haifa, Israel (1996)Google Scholar
- 6.Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy 2007, pp. 321–334 (2007)Google Scholar
- 8.Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communication Security (CCS 2006), pp. 89–98. ACM (2006)Google Scholar
- 12.Wang, Z., Yao D., Feng R.: Adaptive key protection in complex cryptosystems with attributes. In: IACR Cryptology ePrint Archive 2012/136, (2012)Google Scholar
- 15.Yao, D., Fazio, N., Dodis, Y., Lysyanskaya, A.: ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 354–363. ACM (2004)Google Scholar