Cryptology ePrint Archive: Report 2006/309

Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data

Vipul Goyal and Omkant Pandey and Amit Sahai and Brent Waters

Abstract: As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumes Hierarchical Identity-Based Encryption (HIBE).

Category / Keywords: public-key cryptography /

Publication Info: Extended abstract to appear in ACM CCS 2006. This is the full version.

Date: received 31 Aug 2006, last revised 7 Oct 2006

Contact author: vipul at cs ucla edu

Available formats: PDF | BibTeX Citation

Note: Typos corrected

Version: 20061007:061901 (All versions of this report)

Discussion forum: Show discussion | Start new discussion