Proposal for Quantum Ciphertext-Policy Attribute-Based Encryption

Indonesian Journal of Electrical Engineering and Computer Science

Attribute-Based Encryption is a relatively new concept in the field of cryptography, and it allows only the authorized entities to decrypt a message. This type of encryption is the mechanism by which the users may encrypt and decrypt data based on user attributes. This paper proposes the first quantum alternative of the scheme Key-Policy Attribute-Based Encryption, where the information, the encryption/decryption key, and the attributes are made of qutrits.

2018

The current society, with a rapidly multiplying data volume, offered new valences and created new opportunities to develop cryptography. Public-key cryptosystems are the most important contribution of modern cryptography. Attribute-based encryption corresponds to the public key cryptography, and enables plain text access only if the user has all the attributes which the original text was encrypted with. There are two types of Attribute-based encryption: Key-Policy Attribute-Based Encryption and Ciphertext-Policy AttributeBased Encryption. The basic idea of Ciphertext-policy Attribute-based encryption scheme is that a cryptotext is associated to an access policy. In Ciphertext-Policy Attribute-Based Encryption the authorization is included in the encrypted data, and only users who satisfy the associated policy can decrypt the data. Data can be encrypted without knowing the number of users who can decrypt, but only specifying the policy enabling the decrypt. This paper proposes a quan...

DOAJ (DOAJ: Directory of Open Access Journals), 2017

In Ciphertext Policy Attribute-Based Encryption (CP-ABE) system, a set of attributes is associated with the private keys of each user. Also, the ciphertext is attached with a policy which is defined over that set of attributes. A user can decrypt the ciphertext if the ciphertext's policy is satisfied by the attributes associated hith her private key. Traditional CP-ABE schemes, based on number theoretic problems, rely on a trustworthy central authority. But in many distributed applications it is expected that such authorities should be decentralized to avoid the risks of single-point failure. While the number theory-based hardness problems are prone to quantum attacks, lattice-based hardness problems can resist such attacks. In this paper, we construct a Decentralized Ciphertext-Policy Attribute-Based Encryption (DCP-ABE) scheme. Under this scheme, any participating entity can act as an authority by creating a public key. The athority utilizes the users' attributes to generate the private keys for them. Any user can encrypt data in terms of any monotone access structure over attributes issued from any chosen set of authorities. Hence the protocol does not depend on any central authority. We utilize Learning With Errors over Rings (R-LWE) as the underlying hardness assumption for te protocol. The proposed post-quantum protocol achieves security under selective-set model whereby adversaries are allowed to corrupt any authority only statically through adaptive key queries.

Research Square (Research Square), 2024

In the contemporary landscape of advanced technological ecosystems, the ubiquity of cloud computing serves as a cornerstone for orchestrating and maintaining a myriad of global datasets, information repositories, and service infrastructures. This widespread adoption of cloud computing, however, has brought forth a pressing need to confront and mitigate security challenges, necessitating the formulation of resilient protocols to safeguard the sanctity and confidentiality of data. In response to this imperative, our research endeavors to propose an innovative and secure paradigm for cloud data access, harnessing the synergies of attribute-based cryptography (ABC) and quantum key distribution (QKD). This methodology capitalizes on the intrinsic security of quantum channels to facilitate the secure transmission of cryptographic keys across nodes. We validate the effectiveness of our model through extensive simulations. This comparison, which is based on state-of-the-art methods, looks at a wide range of performance metrics, such as the time it takes to create a key, the time it takes to decrypt and encrypt, and other important factors. Compared to state-of-the-art algorithms, our proposed algorithm performs better with better encoding times (2.6s to 5.2s) and decryption timings (1.2s to 3.6s). While QKD-ABC regularly obtains the shortest analysis times (29.1s to 149.1s), it is clear that QKD-ABC is the best method for safe cloud data access. The particular numerical metrics demonstrate the unmatched performance of QKD-ABC in a variety of activities.

Journal of Universal Computer Science, 2015

Access control can selectively restrict access to sensitive information stored by third-party sites on the Internet. Attribute-based encryption (ABE) schemes can strengthen the effective combination of flexibility and operability of access control. They allow one sender to encrypt a message for more than one recipient, and to specify who should be able to decrypt, using attributes alone. Since 2005, many powerful ABE schemes have been presented, but there are two types of problem that haven't be efficiently resolved so far. On the one hand, as practical extension of identity-based encryption (IBE) schemes, ABE schemes are also confronted with key escrow problem. On the other hand, attribute set belonging to one user is usually monitored by different authorities in this era of collaboration. Multi-authority ABE (MA-ABE) schemes can simultaneously resolve these problems, but now they have not been thoroughly investigated yet. More precisely, MA-ABE schemes against quantum attack are the main barrier of the development of ABE schemes in a 'post-quantum' world. In this paper, we firstly present a MA-ABE scheme from lattices, in which identities of users are authenticated by a central authority, which improves the efficiency of authentication. Furthermore, different attribute private keys are still distributed by different authorities, and the central authority cannot obtain any secret information of other attribute authorities, which resolves key escrow problem to some extent. In MA-ABE, attribute private keys belonging to one user are generated by different authorities, and how to ensure correct decryption is one of the crux of schemes. Our scheme gives a simple solution, and each user's attribute private keys are combined using sharing of common public information to automatically realize correct decryption. To our best knowledge, this is the first MA-ABE scheme from lattices, and it is more efficient than the MA-ABE presented by Melissa Chase. Finally, we present a multi-authority large universe ABE scheme, in which the sizes of the public key and the ciphertext are only relative to the number of the attribute authorities, and a user will be able to decrypt a ciphertext if and only if he has at least tK attributes from each authority K.

2015 24th International Conference on Computer Communication and Networks (ICCCN), 2015

Access control can selectively restrict access to sensitive information stored by third-party sites on the Internet. Attribute-based encryption (ABE) schemes can strengthen the effective combination of flexibility and operability of access control. They allow one sender to encrypt a message for more than one recipient, and to specify who should be able to decrypt, using attributes alone. Since 2005, many powerful ABE schemes have been presented, but there are two types of problem that haven't be efficiently resolved so far. On the one hand, as practical extension of identity-based encryption (IBE) schemes, ABE schemes are also confronted with key escrow problem. On the other hand, attribute set belonging to one user is usually monitored by different authorities in this era of collaboration. Multi-authority ABE (MA-ABE) schemes can simultaneously resolve these problems, but now they have not been thoroughly investigated yet. More precisely, MA-ABE schemes against quantum attack are the main barrier of the development of ABE schemes in a 'post-quantum' world. In this paper, we firstly present a MA-ABE scheme from lattices, in which identities of users are authenticated by a central authority, which improves the efficiency of authentication. Furthermore, different attribute private keys are still distributed by different authorities, and the central authority cannot obtain any secret information of other attribute authorities, which resolves key escrow problem to some extent. In MAABE, attribute private keys belonging to one user are generated by different authorities, and how to ensure correct decryption is one of the crux of schemes. Our scheme gives a simple solution, and each user's attribute private keys are combined using sharing of common public information to automatically realize correct decryption. To our best knowledge, this is the first MA-ABE scheme from lattices, and it is more efficient than the MA-ABE presented by Melissa Chase. Finally, we present a multi-authority large universe ABE scheme, in which the sizes of the public key and the ciphertext are only relative to the number of the attribute authorities, and a user will be able to decrypt a ciphertext if and only if he has at least tK attributes from each authority K.

A new fully secure ciphertext-policy attributed based encryption (CP-ABE) scheme with high expressibity access policy is presented. Our CP-ABE scheme uses tree-based access structure which includes AND, OR, threshold and NOT gates which granted high degree of expressibility for encryptor to make an access policy. Moreover, our scheme achieves full security CP-ABE definition where any access structure can be chosen as the challenge ciphertext. The proposed CP-ABE uses composite bilinear groups and dual encryption paradigm to achieve full security CP-ABE definition. We argue that our CP-ABE scheme is secure and feasible.

International Journal of Applied Cryptography, 2010

An Attribute-Based Encryption (ABE) is an encryption scheme, where users with some attributes can decrypt ciphertexts associated with these attributes. The length of the ciphertext depends on the number of attributes in previous ABE schemes. In this paper, we propose a new Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with constant ciphertext length. In our scheme, the number of pairing computations is also constant. In addition, the number of additional bits required from CPA-secure CP-ABE to CCA-secure CP-ABE is reduced by 90% with respect to that of the previous scheme.

Lecture Notes in Computer Science, 2009

In a ciphertext-policy attribute-based encryption (CP-ABE) scheme, the data is encrypted under an access policy defined by a user who encrypts the data and a user secret key is associated with a set of attributes which identify the user. A user can decrypt the ciphertext if and only if his attributes satisfy the access policy. In CP-ABE, since the user enforces the access policy at the encryption phase, the policy moves with the encrypted data. This is important for data storage servers where data confidentiality must be preserved even if the server is compromised or un-trusted. In this paper, we provide an efficient CP-ABE scheme which can express any access policy represented by a formula involving ∧ and ∨ boolean operators. The scheme is secure under Decision Bilinear Diffie-Hellman assumption (DBDH). Furthermore, we extend the expressivity of the scheme by including of (threshold) operator in addition to ∧ and ∨ operators. We provide a comparison with existing CP-ABE schemes and show that our schemes are more efficient. Especially, the computational work done by the decryptor is reduced.

Journal of Information Science and Engineering, 2016

When data is outsourced to a remote storage server, searchable encryption plays an important role to protect data privacy while allowing users to retrieve data in the massive ciphertext. As far as we know, most of the existing searchable encryption schemes work based on the bilinear map. These schemes may not be secure in the quantum age. Both discrete logarithms and factorization can be solved by quantum computer in a polynomial time. There is very few searchable encryption scheme that can be proved secure in post quantum age. In this paper, in order to construct a post-quantum secure scheme for future cloud storage, we suggest a public key encryption with semantic keyword search using the lattice based mechanism. The suggested scheme is proved secure against indistinguishable chosen-keyword attacks (IND-CKA) based on learning with errors (LWE) problem. This scheme is believed to be secure in quantum-era due to the quantum intractability of the LWE problem.