Cryptology ePrint Archive: Report 2017/054

Attribute-Based Encryption Implies Identity-Based Encryption

Javier Herranz

Abstract: In this short paper we formally prove that designing attribute-based encryption schemes cannot be easier than designing identity-based encryption schemes. In more detail, we show how an attribute-based encryption scheme which admits, at least, AND policies can be combined with a collision-resistant hash function to obtain an identity-based encryption scheme.

Even if this result may seem natural, not surprising at all, it has not been explicitly written anywhere, as far as we know. Furthermore, it may be an unknown result for some people: Odelu et al. \cite{OdKu16,J+17} have proposed both an attribute-based encryption scheme in the Discrete Logarithm setting, without bilinear pairings, and an attribute-based encryption scheme in the RSA setting, both admitting AND policies. If these schemes were secure, then by using the implication that we prove in this paper, we would obtain secure identity-based encryption schemes in both the RSA and the Discrete Logarithm settings, without bilinear pairings, which would be a breakthrough in the area. Unfortunately, we present here complete attacks of the two schemes proposed by Odelu et al. in \cite{OdKu16,J+17}.

Category / Keywords: cryptographic protocols / attribute-based encryption, identity-based encryption

Date: received 24 Jan 2017, last revised 15 Mar 2017

Contact author: javier herranz at upc edu

Available format(s): PDF | BibTeX Citation

Note: I found another paper by Odelu, Kas et al., recently accepted for publication in another journal (also with publication funded by authors), proposing a (surprising) RSA-based ABE scheme. New section 5 contains an explicit attack against this new scheme.

Version: 20170315:140708 (All versions of this report)

Short URL: ia.cr/2017/054

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]