In this paper, we study CP-ABE schemes in which access structures are AND gates on positive and negative attributes. Our basic scheme is proven to be chosen plaintext (CPA) secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. We then apply the Canetti-Halevi-Katz technique to obtain a chosen ciphertext (CCA) secure extension using one-time signatures. The security proof is a reduction to the DBDH assumption and the strong existential unforgeability of the signature primitive.
In addition, we introduce hierarchical attributes to optimize our basic scheme, reducing both ciphertext size and encryption/decryption time while maintaining CPA security. Finally, we propose an extension in which access policies are arbitrary threshold trees, and we conclude with a discussion of practical applications of CP-ABE.Category / Keywords: public-key cryptography / attribute based encryption, ciphertext access policy Date: received 16 May 2007 Contact author: lcheung at theory csail mit edu Available format(s): PDF | BibTeX Citation Version: 20070520:132509 (All versions of this report) Short URL: ia.cr/2007/183 Discussion forum: Show discussion | Start new discussion