SCIENCE CHINA Information Sciences, Volume 61, Issue 3: 032102(2018) https://doi.org/10.1007/s11432-016-9019-8

## Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability

• AcceptedJan 10, 2017
• PublishedJun 29, 2017
Share
Rating

### Abstract

Traceable multi-authority ciphertext-policy attribute-based encryption (CP-ABE) is a practical encryption method that can achieve user traceability and fine-grained access control simultaneously. However, existing traceable multi-authority CP-ABE schemes have two main limitations that prevent them from practical applications. First, these schemes only support small universe: the attributes must be fixed at system setup and the attribute space is restricted to polynomial size. Second, the schemes are either less expressive (the access policy is limited to “AND gates with wildcard) or inefficient (the system is constructed in composite order bilinear groups). To address these limitations, we present a traceable large universe multi-authority CP-ABE scheme, and further prove that it is statically secure in the random oracle model. Compared with existing traceable multi-authority CP-ABE schemes, the proposed scheme has four advantages. First, the attributes are not fixed at setup and the attribute universe is not bounded to polynomial size. Second, the ciphertext polices can be expressed as any monotone access structures. Third, the proposed scheme is constructed in prime order groups, which makes this scheme more efficient than those in composite order bilinear groups. Finally, the proposed scheme requires neither a central authority nor an identity table for tracing.

### Acknowledgment

This work was supported by National High Technology Research and Development Program of China (863 Program) (Grant No. 2015AA016007), Fundamental Research Funds for the Central Universities (Grant No. BDZ011402), China 111 Project (Grant No. B16037), and National Natural Science Foundation of China (Grant Nos. U1405255, 61472310).

### References

[1] Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, 2005. 457--473. Google Scholar

[2] Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, 2006. 89--98. Google Scholar

[3] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute based encryption. In: Proceedings of the 28th IEEE Symposium on Security and Privacy, Berkeley, 2007. 321--334. Google Scholar

[4] Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 456--465. Google Scholar

[5] Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 195--203. Google Scholar

[6] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Proceedings of the 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco and Nice, 2010. 62--91. Google Scholar

[7] Okamoto T, Takashima K. Fully secure functional encryption with general relations from the decisional linear assumption. In: Proceedings of the 30th International Cryptology Conference, Santa Barbara, 2010. 191--208. Google Scholar

[8] Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 53--70. Google Scholar

[9] Chase M. Multi-authority attribute based encryption. In: Proceedings of the 4th Theory of Cryptography Conference, Amsterdam, 2007. 515--534. Google Scholar

[10] Li J, Huang Q, Chen X, et al. Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, 2011. 386--390. Google Scholar

[11] Liu Z, Cao Z, Wong D. White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans Inf Foren Secur, 2013, 8: 76--88. Google Scholar

[12] Zhou J, Cao Z, Dong X, et al. TR-MABE: white-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems. In: Proceedings of the IEEE Conference on Computer Communications, Hong Kong, 2015. 2398--2406. Google Scholar

[13] Chase M, Chow S S M. Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 2009. 121--130. Google Scholar

[14] Lewko A, Waters B. Decentralizing attribute-based encryption. In: Proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 568--588. Google Scholar

[15] Ying Z B, Li H, Ma J F, et al. Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating. Sci China Inf Sci, 2016, 59: 042701. Google Scholar

[16] Lewko A, Waters B. Unbounded HIBE and attribute-based encryption. In: Proceedings of the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, 2011. 547--567. Google Scholar

[17] Rouselakis Y, Waters B. Practical constructions and new proof methods for large universe attribute-based encryption. In: Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, 2013. 463--474. Google Scholar

[18] Rouselakis Y, Waters B. Efficient statically-secure large-universe multi-authority attribute-based encryption. In: Financial Cryptography and Data Security. Berlin: Springer, 2015. 315--332. Google Scholar

[19] Hinek M J, Jiang S, Safavi-Naini R, et al. Attribute-based encryption without key cloning. Int J Appl Cryptogr, 2012, 2: 250--270. Google Scholar

[20] Ning J, Dong X, Cao Z, et al. White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes. IEEE Trans Inf Foren Secur, 2015, 10: 1274--1288. Google Scholar

[21] Ning J, Dong X, Cao Z, et al. Accountable authority ciphertext-policy attribute-based encryption with white-box traceability and public auditing in the cloud. In: Proceedings of the European Symposium on Research in Computer Security, Vienna, 2015. 270--289. Google Scholar

[22] Liu Z, Cao Z, Wong D S. Traceable CP-ABE: how to trace decryption devices found in the wild. IEEE Trans Inf Foren Secur, 2015, 10: 55--68. Google Scholar

[23] Li J, Ren K, Kim K. A2BE: accountable attribute-based encryption for abuse free access control. Cryptology ePrint Archive, Report 2009/118, 2009. https://eprint.iacr.org/2009/118. Google Scholar

[24] Wang Y T, Chen K F, Long Y, et al. Accountable authority key policy attribute-based encryption. Sci China Inf Sci, 2012, 55: 1631--1638. Google Scholar

[25] Ning J T, Cao Z F, Dong X L, et al. Traceable and revocable CP-ABE with shorter ciphertexts. Sci China Inf Sci, 2016, 59: 119102. Google Scholar

[26] Beimel A. Secure schemes for secret sharing and key distribution. Dissertation for Ph.D. Degree. Haifa: Technion-Israel Institute of Technology, 1996. Google Scholar

[27] Boneh D, Boyen X. Short signatures without random oracles and the SDH assumption in bilinear groups. J Crypt, 2008, 21: 149--177. Google Scholar

• Table 1   Features summary of traceable multi-authority CP-ABE results
 Large universe$^{\rm~a)}$ Supportting any monotone access structures$^{\rm~b)}$ Efficient$^{\rm~c)}$ No identity table$^{\rm~d)}$ Ref. [10] $\times$ $\times$ $\times$ $\checkmark$ Ref. [12] $\times$ $\checkmark~$ $\times$ $\times$ This paper $\checkmark$ $\checkmark$ $\checkmark$ $\checkmark$
• Table 2   Efficiency summary of traceable multi-authority CP-ABE results
 Ref. [10] Ref. [12] This paper Public key size $3|U|+|U_{\Theta}|+3\rho+4$ $|U|+D(|U_{\Theta}|+3)$ $4|U_{\Theta}|$ Private key size $3|S|+3\rho$ $|S|+D(|U_{\Theta}|+5)$ $4|S|+1$ Ciphertext size $2|U|+4\rho+2$ $2l+D+2$ $6l+1$ Pairing operations for decryption $3|S|+3\rho$ $4|I|+D+2$ $3|I|$ Identity tables for tracing $0$ $D$ $0$ In prime order groups $\checkmark$ $\times$ $\checkmark$

Citations

• #### 0

Altmetric

Copyright 2020 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有