# Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption

@inproceedings{Yamada2011GenericCF, title={Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption}, author={Shota Yamada and Nuttapong Attrapadung and Goichiro Hanaoka and Noboru Kunihiro}, booktitle={International Conference on Theory and Practice of Public Key Cryptography}, year={2011} }

In this paper we propose generic conversions for transforming a chosen-plaintext (CPA) secure attribute-based encryption (ABE) to a chosen-ciphertext (CCA) secure ABE. The only known generic conversion, to the best of our knowledge, was presented by Goyal et al. in ACM-CCS 2006, which itself subsumes the well-known IBE-to-PKE conversion by Canetti, Halevi, and Katz proposed in Eurocrypt 2004. The method by Goyal et al. has some restrictions that it assumes the delegatability of the original ABE…

## 85 Citations

### Direct Chosen-Ciphertext Secure Attribute-Based Key Encapsulations without Random Oracles

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2013

We present a new technique to realize attribute-based encryption (ABE) schemes secure in the standard model against chosen-ciphertext attacks (CCA-secure). Our approach is to extend certain concrete…

### CCA-Secure Ciphertext-Policy Attribute-Based Encryption ?

- Computer Science, Mathematics
- 2018

This work proposes a technique of individually modifying an attribute-based encryption scheme (ABE) into an ABE scheme that is secure against chosen-plaintext attacks (CPA) in the standard model and demonstrates the technique in the case of the Waters ciphertext-policy ABE (CP-ABE).

### Practical Direct Chosen Ciphertext Secure Key-Policy Attribute-Based Encryption with Public Ciphertext Test

- Computer Science, MathematicsESORICS
- 2014

This work shows Chameleon hash can also have unique applications in encryption schemes, and in contrast to the Boyen-Mei-Waters shrink approach from CPA-secure l+1-Hierarchical Identity Based Encryption l-HIBE to CCA2- secure l- HIBE, this approach only adds one on-the-fly dummy attribute.

### Threshold Ciphertext Policy Attribute-Based Encryption with Constant Size Ciphertexts

- Computer Science, MathematicsACISP
- 2012

This paper designs a CPA secure threshold CP-ABE scheme, which can be further upgraded to the CCA security and proves the security of the schemes can be proved under the decisional q-Bilinear Diffie-Hellman Exponent (q-BDHE) assumption in the selective model.

### Master-Key KDM-Secure ABE via Predicate Encoding

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2021

This paper proposes the first generic framework for attribute-based encryptions (ABE) with master-secret-key-dependentmessage security (mKDM security) for affine functions via predicate encodings by Chen, Gay and Wee and obtains a set of new mKDM-secure ABE schemes with high expressiveness that have never been reached before.

### Efficient and Generic Transformations for Chosen-Ciphertext Secure Predicate Encryption

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2022

This work proposes a novel predicate-extension transformation for a large class of pairing-based PE—covered by the pair and the predicate encodings frameworks—which incurs only a small constant overhead for all algorithms, and yields the most efficient generic CCAconversion for ciphertext-policy ABE.

### Computational friendly attribute-based encryptions with short ciphertext

- Computer Science, MathematicsTheor. Comput. Sci.
- 2017

### Computationally Efficient Expressive Key-Policy Attribute Based Encryption Schemes with Constant-Size Ciphertext

- Computer Science, MathematicsICICS
- 2013

In this paper, we present two attribute based encryption (ABE) schemes for monotone access structure (MAS) in the key-policy setting, where secret key is generated according to a MAS, ciphertext is…

### Attribute-based encryption schemes with constant-size ciphertexts

- Computer Science, MathematicsTheor. Comput. Sci.
- 2012

### Generic Conversions from CPA to CCA secure Functional Encryption

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2015

Different ways of obtaining CCA-secure functional encryptions of almost all categories are provided, provided the underlying CPA-secure encryption scheme has either restricted delegation or verifiability feature and it is observed that almost all functional encryption schemes have this feature.

## References

SHOWING 1-10 OF 48 REFERENCES

### Provably secure ciphertext policy ABE

- Computer Science, MathematicsCCS '07
- 2007

The basic scheme is proven to be chosen plaintext (CPA) secure under the decisional bilinear Diffie-Hellman (DBDH) assumption and the Canetti-Halevi-Katz technique is applied to obtain a chosen ciphertext (CCA) secure extension using one-time signatures.

### Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization

- Computer Science, MathematicsPublic Key Cryptography
- 2011

We present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model. Our solutions allow any…

### Direct chosen ciphertext security from identity-based techniques

- Computer Science, MathematicsCCS '05
- 2005

A new encryption technique that is secure in the standard model against chosen ciphertext attacks, and as efficient as the Boneh and Katz method (and more so than that of Canetti, Halevi, and Katz).

### Chosen-Ciphertext Security from Identity-Based Encryption

- Computer Science, MathematicsSIAM J. Comput.
- 2007

This work proposes a simple and efficient construction of a CCA-secure public-key encryption scheme from any CPA-secure identity-based encryption (IBE) scheme, which avoids non-interactive proofs of “well-formedness” which were shown to underlie most previous constructions.

### Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

- Computer Science, MathematicsPublic Key Cryptography
- 2011

This paper proposes the first key-policy attribute-based encryption schemes allowing for non-monotonic access structures (i.e., that may contain negated attributes) and with constant ciphertext size and describes a new efficient identity-based revocation mechanism that gives rise to the first truly expressive KP-ABE realization with constant-size ciphertexts.

### Blind Identity-Based Encryption and Simulatable Oblivious Transfer

- Computer Science, MathematicsASIACRYPT
- 2007

This work builds upon the recent work of Camenisch, Neven, and shelat to construct oblivious transfer (OT) schemes which achieve full simulatability for both sender and receiver and formalizes this notion as blind IBE.

### Constant Size Ciphertexts in Threshold Attribute-Based Encryption

- Computer Science, MathematicsPublic Key Cryptography
- 2010

This paper proposes the first scheme whose ciphertexts have constant size and works for the threshold case, and can be proven in the standard model by reduction to the augmented multi-sequence of exponents decisional Diffie-Hellman (aMSE-DDH) problem.

### A Forward-Secure Public-Key Encryption Scheme

- Computer Science, MathematicsJournal of Cryptology
- 2006

The first constructions of (non-interactive) forward-secure public-key encryption schemes are presented and the main construction achieves security against chosen-plaintext attacks in the standard model, and all parameters are poly-logarithmic in the total number of time periods.

### Conjunctive Broadcast and Attribute-Based Encryption

- Computer Science, MathematicsPairing
- 2009

A new cryptosystem called Broadcast ABE is proposed, used to construct ABE systems with direct revocation mechanism, and appears to be the first fully-functional directly revocable schemes for key-policy and ciphertext-policy.

### Decentralizing Attribute-Based Encryption

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2010

This work creates new techniques to tie key components together and prevent collusion attacks between users with different global identifiers and proves security under similar static assumptions to the LW paper in the random oracle model.