630 likes | 1.18k Views
Attribute-based Encryption. (20110705) Threshold ABE (20110719) KP-ABE (20110719) CP-ABE (20111003) v2. Attribute-Based Encryption. [SW05] Threshold ABE [GPSW06] Key-policy ABE [BSW07] Cipher-policy ABE. [SW05] THRESHOLD ABE. Threshold ABE. aka Fuzzy IBE Using biometrics in IBE
E N D
Attribute-based Encryption (20110705) Threshold ABE (20110719) KP-ABE (20110719) CP-ABE (20111003) v2
Attribute-Based Encryption • [SW05] Threshold ABE • [GPSW06] Key-policy ABE • [BSW07] Cipher-policy ABE
Threshold ABE • aka Fuzzy IBE • Using biometrics in IBE • Identity as a set of “attributes” • First propose the term of Attribute Based Encryption
Setup • Bilinear map: e • e: G1× G1-> G2 • G1 has prime order p • g is a generator of G1
Key-policy ABE • Ciphertexts are labeled with a set of attributes • private keys are associated with access structures that control which ciphertext a user is able to decrypt.
Example • C1(3,5,6,7) ╳ K1( 1 and 2) ○ K2( 3 or 5 ) ○ K3( (1 and 2) or (3 and 7) ) ○ K4 ( 3 out of (1,2,3,4,5,6,7) ) ╳ K5 ( 2 out of (1,2,5) )
Access Tree • (“child” and “<120cm”) or (2 of (“student”, ”<20”, ”disabled”,)) OR AND 2 of 3 “<120cm” “child” “student” “<20” “disabled”
Access Tree • parent(x): parent of a node x • att(x): if x is a leaf node then return the attribute associated with x
Access Tree • index(x): return node’s index 1 3 2 4 5 6 7 8
Setup • Bilinear map: e • e: G1× G1-> G2 • G1 has prime order p • g is a generator of G1
Key Generation • KeyGen(T, MK) Choose a polynomial qx for each node:q1, q2, q3, … , q8. degree(qx)= K(x) - 1 degree(q1) = 0 degree(q2) = 1 degree(q3) = 1 degree(q4) = 0 ︴ degree(q8) = 0
Key Generation q1(0)=y q3(0)=q1(3) q2(0)=q1(2) q4(0)=q2(4) q5(0)=q2(5) q6(0)=q3(6) q8(0)=q3(8) q7(0)=q3(7)
q6(0)=q3(6) q7(0)=q3(7) q3(0)=q1(3)
Cipher-policy ABE • Private keys are labeled with a set S of attributes • Ciphertexts are associated with access structures T that control which user is able to decrypt the ciphertext.
Example • C1( (1 and 2) or (3 of (4,5,6,7)) ) ╳ K1( 1) ○ K2(1, 2) ○ K3(4,5,6) ○ K4 (1,2,4,6,7) ╳ K5 (4,5,8)
Setup • Bilinear map: e • e: G1× G1-> G2 • G1 has prime order p • g is a generator of G1
Setup • U = {a1=child, a2=<120cm, … ,an } • U is the set of all attributes • H: U -> G1
Encryption • q1(0)=s q3(0)=q1(3) q2(0)=q1(2) q4(0)=q2(4) q5(0)=q2(5) q6(0)=q3(6) q8(0)=q3(8) q7(0)=q3(7)