Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption

@inproceedings{Sahai2012DynamicCA,
  title={Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption},
  author={Amit Sahai and Hakan Seyalioglu and Brent Waters},
  booktitle={IACR Cryptol. ePrint Arch.},
  year={2012}
}
Motivated by the question of access control in cloud storage, we consider the problem using Attribute-Based Encryption ABE in a setting where users' credentials may change and ciphertexts may be stored by a third party. Our main result is obtained by pairing two contributions:We first ask how a third party who is not trusted with secret key information can process a ciphertext to disqualify revoked users from decrypting data encrypted in the past. Our core tool is a new procedure called… Expand
Updatable Ciphertext-Policy Attribute-Based Encryption Scheme With Traceability and Revocability
TLDR
This work proposes a novel updatable CP-ABE scheme supporting white-box traceability and traitor revocation, which is more efficient, and can achieve valid revocation and ciphertext update. Expand
CCA Security for Self-Updatable Encryption: Protecting Cloud Data When Clients Read/Write Ciphertexts
TLDR
This work proposes the first SUE and RS-ABE schemes secure against a relevant form of chosen-ciphertext security (CCA), and defines “time extended challenge” CCA security for SUE which excludes ciphertexts that are easily derived from the challenge (over time periods) from being queried on. Expand
Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation
TLDR
A new notion for RABE is introduced called re-randomizable piecewise key generation by allowing a data user to re-randmomize the combined secret key and the key update to obtain the decryption key, and the secret key is unrecoverable even both the dec encryption key andThe key update are known by the attacker. Expand
Ciphertext Outdate Attacks on the Revocable Attribute-Based Encryption Scheme With Time Encodings
TLDR
There is a serious security problem in Xu et al. Expand
A Revocable Outsourcing Attribute-Based Encryption Scheme
TLDR
A solution adopting techniques on secure outsourcing of pairings to support outsourcing computation and adopting some techniques based on the tree-based scheme to solve user revocation and attribute revocation is proposed. Expand
A New User Revocable Ciphertext-Policy Attribute-Based Encryption with Ciphertext Update
TLDR
A new user R-CP-ABE scheme is proposed that simultaneously supports user direct revocation, short revocation list, and ciphertext update by incorporating the identity-based and time-based revocable technique. Expand
Server-Aided Directly Revocable Ciphertext-Policy Attribute-Based Encryption with Verifiable Delegation
TLDR
This work proposes a novel primitive called server-aided directly revocable CP-ABE with verifiable delegation, denoted by sarCP-ABe, which can be proved selectively secure against chosen-plaintext attack on both original and updated ciphertext. Expand
Ciphertext-Policy Attribute-Based Access Control with Effective User Revocation for Cloud Data Sharing System
TLDR
This paper proposes a CP-ABE scheme which supports an effective user revocation mechanism by introducing "the essential attribute" and by considering minimally trusted proxy servers, the essential attribute must be included in both ciphertext and update-key. Expand
New directly revocable attribute-based encryption scheme and its application in cloud storage environment
TLDR
This paper study the direct revocation mechanism of ciphertext-policy ABE, construct a new directly revocable CP-ABE in the composite order group, and prove it to achieve adaptive security using dual system encryption in the standard model. Expand
Ciphertext Outdate Attacks on Xu et al.'s Revocable Attribute-Based Encryption Scheme
TLDR
There is a serious security problem in Xu et al.'s RABE scheme such that a semi-trusted cloud storage can decrypt a ciphertext by colluding with a revoked user, and the RABe scheme is not able to provide meaningful security in cloud storage. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 27 REFERENCES
Ciphertext-Policy Attribute-Based Encryption
TLDR
A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented. Expand
Attribute-based encryption for fine-grained access control of encrypted data
TLDR
This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption. Expand
Fully secure revocable attribute-based encryption
TLDR
This paper presents an ABE scheme that supports revocation and has full security in adaptive model and adapts the dual system encryption technique recently introduced by Waters to ABE to realize full security. Expand
Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization
  • Brent Waters
  • Mathematics, Computer Science
  • Public Key Cryptography
  • 2011
We present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model. Our solutions allow anyExpand
Identity-based encryption with efficient revocation
TLDR
This work proposes an IBE scheme that significantly improves key-update efficiency on the side of the trusted party (from linear to logarithmic in the number of users), while staying efficient for the users. Expand
Adaptive-ID Secure Revocable Identity-Based Encryption
TLDR
This work describes an adaptive-ID secure revocable IBE scheme and solves a problem left open by Boldyreva et al. Expand
Certificate-Based Encryption and the Certificate Revocation Problem
TLDR
It is demonstrated how certificate-based encryption can be used to construct an efficient PKI requiring less infrastructure than previous proposals, including Micali's Novomodo, Naor-Nissim and Aiello-Lodha-Ostrovsky. Expand
A Forward-Secure Public-Key Encryption Scheme
TLDR
The first constructions of (non-interactive) forward-secure public-key encryption schemes are presented and the main construction achieves security against chosen-plaintext attacks in the standard model, and all parameters are poly-logarithmic in the total number of time periods. Expand
Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption
We present two fully secure functional encryption schemes: a fully secure attribute-based encryption (ABE) scheme and a fully secure (attribute-hiding) predicate encryption (PE) scheme forExpand
Attribute-based encryption with non-monotonic access structures
TLDR
An Attribute-Based Encryption scheme that allows a user's private key to be expressed in terms of any access formula over attributes based on the Decisional Bilinear Diffie-Hellman (BDH) assumption is constructed. Expand
...
1
2
3
...