Attribute-based encryption (ABE), a cryptographic primitive, realizes fine-grained access control. Because of its attractive functionality, many systems based on ABE have been constructed to date. In such cryptographic systems, revocation functionality is indispensable to handle withdrawal of users, secret key exposure, and others. Although many ABE schemes with various functionalities have been proposed, only a few of these are revocable ABE (RABE). In this paper, we propose two generic constructions of RABE from ABE. Our first construction employs the pair encoding framework (Attrapadung, EUROCRYPT 2014), and combines identity-based revocation and ABE via the generic conjunctive conversion of Attrapadung and Yamada (CT-RSA 2015). Our second construction converts ABE to RABE directly when ABE supports Boolean formulae. Because our constructions preserve functionalities of the underlying ABE, we can instantiate various fully secure RABE schemes for the first time, e.g., supporting regular languages, with unbounded attribute size and policy structure, and with constant-size ciphertext and secret key.
Kotoko YAMADA
the Tokyo Institute of Technology
Nuttapong ATTRAPADUNG
the National Institute of Advanced Industrial Science and Technology (AIST)
Keita EMURA
National Institute of Information and Communications Technology (NICT)
Goichiro HANAOKA
the National Institute of Advanced Industrial Science and Technology (AIST)
Keisuke TANAKA
the Tokyo Institute of Technology
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Kotoko YAMADA, Nuttapong ATTRAPADUNG, Keita EMURA, Goichiro HANAOKA, Keisuke TANAKA, "Generic Constructions for Fully Secure Revocable Attribute-Based Encryption" in IEICE TRANSACTIONS on Fundamentals,
vol. E101-A, no. 9, pp. 1456-1472, September 2018, doi: 10.1587/transfun.E101.A.1456.
Abstract: Attribute-based encryption (ABE), a cryptographic primitive, realizes fine-grained access control. Because of its attractive functionality, many systems based on ABE have been constructed to date. In such cryptographic systems, revocation functionality is indispensable to handle withdrawal of users, secret key exposure, and others. Although many ABE schemes with various functionalities have been proposed, only a few of these are revocable ABE (RABE). In this paper, we propose two generic constructions of RABE from ABE. Our first construction employs the pair encoding framework (Attrapadung, EUROCRYPT 2014), and combines identity-based revocation and ABE via the generic conjunctive conversion of Attrapadung and Yamada (CT-RSA 2015). Our second construction converts ABE to RABE directly when ABE supports Boolean formulae. Because our constructions preserve functionalities of the underlying ABE, we can instantiate various fully secure RABE schemes for the first time, e.g., supporting regular languages, with unbounded attribute size and policy structure, and with constant-size ciphertext and secret key.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E101.A.1456/_p
Copy
@ARTICLE{e101-a_9_1456,
author={Kotoko YAMADA, Nuttapong ATTRAPADUNG, Keita EMURA, Goichiro HANAOKA, Keisuke TANAKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Generic Constructions for Fully Secure Revocable Attribute-Based Encryption},
year={2018},
volume={E101-A},
number={9},
pages={1456-1472},
abstract={Attribute-based encryption (ABE), a cryptographic primitive, realizes fine-grained access control. Because of its attractive functionality, many systems based on ABE have been constructed to date. In such cryptographic systems, revocation functionality is indispensable to handle withdrawal of users, secret key exposure, and others. Although many ABE schemes with various functionalities have been proposed, only a few of these are revocable ABE (RABE). In this paper, we propose two generic constructions of RABE from ABE. Our first construction employs the pair encoding framework (Attrapadung, EUROCRYPT 2014), and combines identity-based revocation and ABE via the generic conjunctive conversion of Attrapadung and Yamada (CT-RSA 2015). Our second construction converts ABE to RABE directly when ABE supports Boolean formulae. Because our constructions preserve functionalities of the underlying ABE, we can instantiate various fully secure RABE schemes for the first time, e.g., supporting regular languages, with unbounded attribute size and policy structure, and with constant-size ciphertext and secret key.},
keywords={},
doi={10.1587/transfun.E101.A.1456},
ISSN={1745-1337},
month={September},}
Copy
TY - JOUR
TI - Generic Constructions for Fully Secure Revocable Attribute-Based Encryption
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1456
EP - 1472
AU - Kotoko YAMADA
AU - Nuttapong ATTRAPADUNG
AU - Keita EMURA
AU - Goichiro HANAOKA
AU - Keisuke TANAKA
PY - 2018
DO - 10.1587/transfun.E101.A.1456
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E101-A
IS - 9
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - September 2018
AB - Attribute-based encryption (ABE), a cryptographic primitive, realizes fine-grained access control. Because of its attractive functionality, many systems based on ABE have been constructed to date. In such cryptographic systems, revocation functionality is indispensable to handle withdrawal of users, secret key exposure, and others. Although many ABE schemes with various functionalities have been proposed, only a few of these are revocable ABE (RABE). In this paper, we propose two generic constructions of RABE from ABE. Our first construction employs the pair encoding framework (Attrapadung, EUROCRYPT 2014), and combines identity-based revocation and ABE via the generic conjunctive conversion of Attrapadung and Yamada (CT-RSA 2015). Our second construction converts ABE to RABE directly when ABE supports Boolean formulae. Because our constructions preserve functionalities of the underlying ABE, we can instantiate various fully secure RABE schemes for the first time, e.g., supporting regular languages, with unbounded attribute size and policy structure, and with constant-size ciphertext and secret key.
ER -