# Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

@inproceedings{Attrapadung2011ExpressiveKA, title={Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts}, author={Nuttapong Attrapadung and Beno{\^i}t Libert and {\'E}lie de Panafieu}, booktitle={International Conference on Theory and Practice of Public Key Cryptography}, year={2011} }

Attribute-based encryption (ABE), as introduced by Sahai and Waters, allows for fine-grained access control on encrypted data. In its key-policy flavor, the primitive enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most ABE systems, the ciphertext size grows linearly with the number of ciphertext attributes and the only known exceptions only support…

## 393 Citations

### Attribute-based encryption schemes with constant-size ciphertexts

- Computer Science, MathematicsTheor. Comput. Sci.
- 2012

### Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption

- Computer Science, MathematicsAsiaCCS
- 2014

This paper presents the first KP-ABE scheme, which has the following features simultaneously: expressive (i.e., supporting arbitrary monotonic access structures); fully secure in the standard model; constant-size ciphertexts and fast decryption.

### Private Ciphertext-Policy Attribute-based Encryption Schemes With Constant-Size Ciphertext Supporting CNF Access Policy

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2015

This paper gives the first private CP-ABE constructions with a constant-size ciphertext, supporting CNF (Conjunctive Normal Form) access policy, with the simple restriction that each attribute can only appear kmax times in the access formula.

### Efficient Ciphertext Policy Attribute-Based Encryption with Constant-Size Ciphertext and Constant Computation-Cost

- Computer Science, MathematicsProvSec
- 2011

Two new CP-ABE schemes are presented, which have both constant-size ciphertext and constant computation costs for a nonmonotone AND gate access policy, under chosen plaintext and chosen ciphertext attacks and can be proven CPA-secure in standard model under the decision n-BDHE assumption and the existence of collision-resistant hash functions.

### Provably Secure Ciphertext-Policy Attribute-Based Encryption from Identity-Based Encryption

- Computer Science, MathematicsJ. Univers. Comput. Sci.
- 2019

This paper shows a relation between CP-ABE and identity-based encryption (IBE), and presents a bi-directional conversion between an access structure and identities, and proves the CCA security for confidentiality and anonymity.

### Expressive Ciphertext-Policy Attribute-Based Encryption with Fast Decryption

- Computer Science, MathematicsJ. Internet Serv. Inf. Secur.
- 2018

This paper proposes a new construction of ciphertext-policy ABE supporting general predicates with a constant number of pairing operations for decryption, and proves that the construction achieves new security notion which it introduces, restricted-selectively payload-hiding security under the q-type decisional bilinear DeiffieHellman assumption.

### Computationally Efficient Ciphertext-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

- Computer Science, MathematicsProvSec
- 2014

The proposed CP-ABE scheme is proven selective-secure in the random oracle model under the decision n-Bilinear Diffie-Hellman Exponent (n-BDHE) assumption, where n represents the total number of attributes in universe.

### Constant-size ciphertexts in threshold attribute-based encryption without dummy attributes

- Computer ScienceInf. Sci.
- 2018

### Contributions to Attribute-Based Encryption and Its Variants

- Computer Science
- 2018

A new ciphertext-policy attribute-based encryption scheme supporting access policies of an AND-gate and a threshold with short ciphertexts is proposed and a new CP-ABE scheme with key-delegation abuse resistance is proposed to solve private key delegation and key duplication problem.

### Large Universe Ciphertext-Policy Attribute-Based Encryption with White-Box Traceability

- Computer ScienceESORICS
- 2014

A practical large universe CP-ABE system supporting white-box traceability, which is suitable for commercial applications and proves the selective security of the new system in the standard model under "q-type" assumption.

## References

SHOWING 1-10 OF 50 REFERENCES

### Provably secure ciphertext policy ABE

- Computer Science, MathematicsCCS '07
- 2007

The basic scheme is proven to be chosen plaintext (CPA) secure under the decisional bilinear Diffie-Hellman (DBDH) assumption and the Canetti-Halevi-Katz technique is applied to obtain a chosen ciphertext (CCA) secure extension using one-time signatures.

### Conjunctive Broadcast and Attribute-Based Encryption

- Computer Science, MathematicsPairing
- 2009

A new cryptosystem called Broadcast ABE is proposed, used to construct ABE systems with direct revocation mechanism, and appears to be the first fully-functional directly revocable schemes for key-policy and ciphertext-policy.

### Bounded Ciphertext Policy Attribute Based Encryption

- Computer Science, MathematicsICALP
- 2008

This work presents the first construction of a ciphertext-policy attribute based encryption scheme having a security proof based on a number theoretic assumption and supporting advanced access structures and support access structures which can be represented by a bounded size access tree with threshold gates as its nodes.

### Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization

- Computer Science, MathematicsPublic Key Cryptography
- 2011

We present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model. Our solutions allow any…

### Attribute-based encryption for fine-grained access control of encrypted data

- Computer ScienceCCS '06
- 2006

This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.

### Ciphertext-Policy Attribute-Based Encryption

- Computer Science, Mathematics2007 IEEE Symposium on Security and Privacy (SP '07)
- 2007

A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.

### Functional Encryption for Inner Product: Achieving Constant-Size Ciphertexts with Adaptive Security or Support for Negation

- Computer Science, MathematicsPublic Key Cryptography
- 2010

The notion of negated spatial encryption is introduced, which subsumes non-zero-mode IPE and can be seen as the revocation analogue of the spatial encryption primitive of Boneh and Hamburg.

### Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption

- Computer Science, MathematicsPublic Key Cryptography
- 2011

This paper exhaustively checks the verifiability of existing ABE schemes and found that most of them satisfy such a property, hence CCA-secure versions of these schemes can be obtained automatically.

### Generalized Key Delegation for Hierarchical Identity-Based Encryption

- Computer Science, MathematicsESORICS
- 2007

A new primitive called WKD-IBE, or "wicked IBE", that enhances the concept of hierarchical identity-based encryption (HIBE) by allowing more general key delegation patterns and provides appropriate security notions and provably secure instantiations with different tradeoffs in terms of ciphertext size and efficiency.

### Multi-authority Attribute Based Encryption

- Computer ScienceTCC
- 2007

The question of whether a scheme could be constructed in which multiple authorities were allowed to distribute attributes is answered in the affirmative and how to apply the techniques to achieve a multiauthority version of the large universe fine grained access control ABE is shown.