University of Wollongong
Browse

Ciphertext-policy attribute-based encryption with key-delegation abuse resistance

Download (380.4 kB)
journal contribution
posted on 2024-11-15, 07:54 authored by Yinhao Jiang, Willy SusiloWilly Susilo, Yi Mu, Fuchun GuoFuchun Guo
Attribute-based encryption (ABE) is a promising cryptographic primitive that allows one-to-many encryption. In such a system, users' private keys are linked to their access rights. We note that if a user can generate a new private key for a portion of his/her access right, this could potentially lead to some undesirable situations, which violate the access control policy. Interestingly, to date, there is no work that looks into this matter in detail nor addresses it. We point out that this is a "property" that exists in ABE systems, which we refer to "key-delegation abuse". ABE systems that suffer from key-delegation abuse will hinder the adoption of these systems in practice. In this work, for the first time in the literature, we address the "key-delegation abuse" problem in Ciphertext-policy Attribute-based Encryption (CP-ABE) systems. We introduce a new mechanism to enhance CP-ABE schemes that provide protections against this key-delegation abuse issue. We formalize the security requirements for such a property, and subsequently construct a CP-ABE scheme that satisfies the new security requirements. We also present an application of our scheme to a traceable CP-ABE, where the "traitors", i.e. the users who have leaked their keys, can be traced. address the "key-delegation abuse" problem in Ciphertext-policy Attribute-based Encryption (CP-ABE) systems. We introduce a new mechanism to enhance CPABE schemes that provide protections against this key-delegation abuse issue. We formalize the security requirements for such a property, and subsequently construct a CP-ABE scheme that satisfies the new security requirements.We also present an application of our scheme to a traceable CP-ABE, where the "traitors", i.e. the users who have leaked their keys, can be traced.

History

Citation

Jiang, Y., Susilo, W., Mu, Y. & Guo, F. (2016). Ciphertext-policy attribute-based encryption with key-delegation abuse resistance. Lecture Notes in Computer Science, 9722 477-494. Melbourne, Australia Information Security and Privacy: 21st Australasian Conference, ACISP 2016, Melbourne, VIC, Australia, July 4-6, 2016, Proceedings, Part I

Journal title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volume

9722

Pagination

477-494

Language

English

RIS ID

106717

Usage metrics

    Categories

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC