Paper 2010/351
Decentralizing Attribute-Based Encryption
Allison Lewko and Brent Waters
Abstract
We propose a Multi-Authority Attribute-Based Encryption (ABE) system. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as an ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any boolean formula over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority. In constructing our system, our largest technical hurdle is to make it collusion resistant. Prior Attribute-Based Encryption systems achieved collusion resistance when the ABE system authority ``tied'' together different components (representing different attributes) of a user's private key by randomizing the key. However, in our system each component will come from a potentially different authority, where we assume no coordination between such authorities. We create new techniques to tie key components together and prevent collusion attacks between users with different global identifiers. We prove our system secure using the recent dual system encryption methodology where the security proof works by first converting the challenge ciphertexts and private keys to a semi-functional form and then arguing security. We follow a recent variant of the dual system proof technique due to Lewko and Waters and build our system using bilinear groups of composite order. We prove security under similar static assumptions to the LW paper in the random oracle model.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Unknown status
- Contact author(s)
- bwaters @ cs utexas edu
- History
- 2013-08-04: last of 6 revisions
- 2010-06-18: received
- See all versions
- Short URL
- https://ia.cr/2010/351
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2010/351, author = {Allison Lewko and Brent Waters}, title = {Decentralizing Attribute-Based Encryption}, howpublished = {Cryptology {ePrint} Archive, Paper 2010/351}, year = {2010}, url = {https://eprint.iacr.org/2010/351} }