Decentralizing attribute-based encryption
Allison Lewko,Brent Waters +1 more
- pp 568-588
Reads0
Chats0
TLDR
In this paper, the authors proposed a multi-authority attribute-based encryption (ABE) system, where any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters.Abstract:
We propose a Multi-Authority Attribute-Based Encryption (ABE) system. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as an ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any boolean formula over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority.
In constructing our system, our largest technical hurdle is to make it collusion resistant. Prior Attribute-Based Encryption systems achieved collusion resistance when the ABE system authority "tied" together different components (representing different attributes) of a user's private key by randomizing the key. However, in our system each component will come from a potentially different authority, where we assume no coordination between such authorities. We create new techniques to tie key components together and prevent collusion attacks between users with different global identifiers.
We prove our system secure using the recent dual system encryption methodology where the security proof works by first converting the challenge ciphertext and private keys to a semi-functional form and then arguing security. We follow a recent variant of the dual system proof technique due to Lewko and Waters and build our system using bilinear groups of composite order. We prove security under similar static assumptions to the LW paper in the random oracle model.read more
Citations
More filters
Book ChapterDOI
Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization
TL;DR: A new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model is presented.
Journal ArticleDOI
Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption
TL;DR: A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.
Journal ArticleDOI
Securing Fog Computing for Internet of Things Applications: Challenges and Solutions
TL;DR: The architecture and features of fog computing are reviewed and critical roles of fog nodes are studied, including real-time services, transient storage, data dissemination and decentralized computation, which are expected to draw more attention and efforts into this new architecture.
Journal ArticleDOI
Charm: a framework for rapidly prototyping cryptosystems
Joseph A. Akinyele,Christina Garman,Ian Miers,Matthew W. Pagano,Michael Rushanan,Matthew Green,Aviel D. Rubin +6 more
TL;DR: Charm as discussed by the authors is an extensible framework for rapidly prototyping cryptographic systems, including support for modular composition of cryptographic building blocks, infrastructure for developing interactive protocols, and an extensive library of re-usable code.
Journal ArticleDOI
Security and Privacy on Blockchain
Rui Zhang,Rui Xue,Ling Liu +2 more
TL;DR: This article presents a comprehensive overview of the security and privacy of blockchain with respect to concept, attributes, techniques, and systems, and describes the basic security properties that are supported as the essential requirements and building blocks for Bitcoin-like cryptocurrency systems.
References
More filters
Book ChapterDOI
Identity-based cryptosystems and signature schemes
TL;DR: In this article, the authors introduce a novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other's signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party.
Journal ArticleDOI
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
TL;DR: This work proposes a fully functional identity-based encryption (IBE) scheme based on bilinear maps between groups and gives precise definitions for secure IBE schemes and gives several applications for such systems.
Proceedings ArticleDOI
Ciphertext-Policy Attribute-Based Encryption
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Proceedings ArticleDOI
Attribute-based encryption for fine-grained access control of encrypted data
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Book ChapterDOI
Fuzzy identity-based encryption
Amit Sahai,Brent Waters +1 more
TL;DR: In this article, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.