# Attribute-Based Encryption Schemes with Constant-Size Ciphertexts

1 Research Team for Security Fundamentals
RCIS - Research Center for Information Security
3 Equipe AMACC - Laboratoire GREYC - UMR6072
GREYC - Groupe de Recherche en Informatique, Image, Automatique et Instrumentation de Caen
6 UNESCO Chair in Data Privacy
CRISES Research Group
Abstract : Attribute-based encryption (ABE), as introduced by Sahai and Waters, allows for fine-grained access control on encrypted data. In its key-policy flavor (the dual ciphertext-policy scenario proceeds the other way around), the primitive enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed to decrypt. In most ABE systems, the ciphertext size grows linearly with the number of ciphertext attributes and the only known exception only supports restricted forms of access policies. This paper proposes the first attribute-based encryption (ABE) schemes allowing for truly expressive access structures and with constant ciphertext size. Our first result is a ciphertext-policy attribute-based encryption (CP-ABE) scheme with $O(1)$-size ciphertexts for threshold access policies and where private keys remain as short as in previous systems. As a second result, we show that a certain class of identity-based broadcast encryption schemes generically yields monotonic key-policy attribute-based encryption (KP-ABE) systems in the selective set model. Our final contribution is a KP-ABE realization supporting non-monotonic access structures ({\it i.e.}, that may contain negated attributes) with short ciphertexts. As an intermediate step towards this result, we describe a new efficient identity-based revocation mechanism that, when combined with a particular instantiation of our general monotonic construction, gives rise to the most expressive KP-ABE realization with constant-size ciphertexts. The downside of our second and third constructions is that private keys have quadratic size in the number of attributes. On the other hand, they reduce the number of pairing evaluations to a constant, which appears to be a unique feature among expressive KP-ABE schemes.
Type de document :
Article dans une revue
Theoretical Computer Science, Elsevier, 2012, 422, pp.15-38
Liste complète des métadonnées

Littérature citée [43 références]

https://hal.inria.fr/hal-00763158
Contributeur : Fabien Laguillaumie <>
Soumis le : mardi 11 décembre 2012 - 09:58:22
Dernière modification le : jeudi 11 janvier 2018 - 06:26:28
Document(s) archivé(s) le : mardi 12 mars 2013 - 03:52:41

### Fichier

short_ABE_TCS.pdf
Fichiers produits par l'(les) auteur(s)

### Identifiants

• HAL Id : hal-00763158, version 1

### Citation

Nuttapong Attrapadung, Javier Herranz, Fabien Laguillaumie, Benoît Libert, Elie De Panafieu, et al.. Attribute-Based Encryption Schemes with Constant-Size Ciphertexts. Theoretical Computer Science, Elsevier, 2012, 422, pp.15-38. 〈hal-00763158〉

### Métriques

Consultations de la notice

## 395

Téléchargements de fichiers