Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
Efficient Trace and Revoke Schemes
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Attribute-based encryption with non-monotonic access structures
Proceedings of the 14th ACM conference on Computer and communications security
Provably secure ciphertext policy ABE
Proceedings of the 14th ACM conference on Computer and communications security
General Ad Hoc Encryption from Exponent Inversion IBE
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Bounded Ciphertext Policy Attribute Based Encryption
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Dynamic Threshold Public-Key Encryption
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Generalized Identity Based and Broadcast Encryption Schemes
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Ciphertext-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Dual-Policy Attribute Based Encryption
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Conjunctive Broadcast and Attribute-Based Encryption
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Improving privacy and security in multi-authority attribute-based encryption
Proceedings of the 16th ACM conference on Computer and communications security
Multi-authority attribute based encryption
TCC'07 Proceedings of the 4th conference on Theory of cryptography
A forward-secure public-key encryption scheme
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Predicate encryption supporting disjunctions, polynomial equations, and inner products
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Revocation Systems with Very Small Private Keys
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Fully secure functional encryption with general relations from the decisional linear assumption
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Generic constructions for chosen-ciphertext secure attribute based encryption
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Expressive key-policy attribute-based encryption with constant-size ciphertexts
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Functional encryption: definitions and challenges
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Hierarchical identity based encryption with constant size ciphertext
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Fuzzy identity-based encryption
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Constant size ciphertexts in threshold attribute-based encryption
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Security analysis of the strong diffie-hellman problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Generalized key delegation for hierarchical identity-based encryption
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Hi-index | 5.23 |
Attribute-based encryption (ABE), as introduced by Sahai and Waters, allows for fine-grained access control on encrypted data. In its key-policy flavor (the dual ciphertext-policy scenario proceeds the other way around), the primitive enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most ABE systems, the ciphertext size grows linearly with the number of ciphertext attributes and the only known exception only supports restricted forms of access policies. This paper proposes the first attribute-based encryption (ABE) schemes allowing for truly expressive access structures and with constant ciphertext size. Our first result is a ciphertext-policy attribute-based encryption (CP-ABE) scheme with O(1)-size ciphertexts for threshold access policies and where private keys remain as short as in previous systems. As a second result, we show that a certain class of identity-based broadcast encryption schemes generically yields monotonic key-policy attribute-based encryption (KP-ABE) systems in the selective set model. Our final contribution is a KP-ABE realization supporting non-monotonic access structures (i.e., that may contain negated attributes) with short ciphertexts. As an intermediate step toward this result, we describe a new efficient identity-based revocation mechanism that, when combined with a particular instantiation of our general monotonic construction, gives rise to the most expressive KP-ABE realization with constant-size ciphertexts. The downside of our second and third constructions is that private keys have quadratic size in the number of attributes. On the other hand, they reduce the number of pairing evaluations to a constant, which appears to be a unique feature among expressive KP-ABE schemes.