[Resource Topic] 2009/118: A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control

Welcome to the resource topic for 2009/118

Title:
A2BE: Accountable Attribute-Based Encryption for Abuse Free Access Control

Authors: Jin Li, Kui Ren, Kwangjo Kim

Abstract:

As a recently proposed public key primitive, attribute-based encryption (ABE) (including Ciphertext-policy ABE (CP-ABE) and Key-policy ABE (KP-ABE)) is a highly promising tool for secure access control. In this paper, the issue of key abuse in ABE is formulated and addressed. Two kinds of key abuse problems are considered, i) illegal key sharing among colluding users and ii) misbehavior of the semi-trusted attribute authority including illegal key (re-)distribution. Both problems are extremely important as in an ABE-based access control system, the attribute private keys directly imply users’ privileges to the protected resources. To the best knowledge of ours, such key abuse problems exist in all current ABE schemes as the attribute private keys assigned to the users are never designed to be linked to any user specific information except the commonly shared user attributes. To be concrete, we focus on the prevention of key abuse in CP-ABE in this paper \footnote{Our technique can easily be extended to KP-ABE as well.}. The notion of accountable CP-ABE (CP-A$^2$BE, in short) is first proposed to prevent illegal key sharing among colluding users. The accountability for user is achieved by embedding additional user specific information in the attribute private key issued to the user. To further obtain accountability for the attribute authority as well, the notion of strong CP-A$^2$BE is proposed, allowing each attribute private key to be linked to the corresponding user’s secret that is unknown to the attribute authority. We show how to construct such a strong CP-A$^2$BE and prove its security based on the computational Diffie-Hellman assumption. Finally, we show how to utilize the new technique to solve some open problems existed in the previous accountable identity-based encryption schemes.

ePrint: https://eprint.iacr.org/2009/118

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .