Cryptology ePrint Archive: Report 2010/084

Attribute-based Authenticated Key Exchange

M. Choudary Gorantla and Colin Boyd and Juan Manuel González Nieto

Abstract: We introduce the concept of attribute-based authenticated key exchange (AB-AKE) within the framework of ciphertext policy attribute-based systems. A notion of AKE-security for AB-AKE is presented based on the security models for group key exchange protocols and also taking into account the security requirements generally considered in the ciphertext policy attribute-based setting.

We also extend the paradigm of hybrid encryption to the ciphertext policy attribute-based encryption schemes. A new primitive called encapsulation policy attribute-based key encapsulation mechanism (EP-AB-KEM) is introduced and a notion of chosen ciphertext security is defined for EP-AB-KEMs. We propose an EP-AB-KEM from an existing attribute-based encryption scheme and show that it achieves chosen ciphertext security in the generic group and random oracle models.

We present a generic one-round AB-AKE protocol that satisfies our AKE-security notion. The protocol is generically constructed from any EP-AB-KEM that satisfies chosen ciphertext security. Instantiating the generic AB-AKE protocol with our EP-AB-KEM will result in a concrete one-round AB-AKE protocol also secure in the generic group and random oracle models.

Category / Keywords: Attribute-based Key Exchange, Attribute-based KEM, Group Key Exchange

Publication Info: To appear at ACISP 2010. This is full version with proofs.

Date: received 16 Feb 2010, last revised 24 Apr 2010

Contact author: mc gorantla at gmail com

Available format(s): PDF | BibTeX Citation

Note: A section on hybrid CP-ABE has been added. A few typos have been corrected.

Version: 20100424:175046 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]