Paper 2010/084
Attribute-based Authenticated Key Exchange
M. Choudary Gorantla and Colin Boyd and Juan Manuel González Nieto
Abstract
We introduce the concept of attribute-based authenticated key exchange (AB-AKE) within the framework of ciphertext policy attribute-based systems. A notion of AKE-security for AB-AKE is presented based on the security models for group key exchange protocols and also taking into account the security requirements generally considered in the ciphertext policy attribute-based setting. We also extend the paradigm of hybrid encryption to the ciphertext policy attribute-based encryption schemes. A new primitive called encapsulation policy attribute-based key encapsulation mechanism (EP-AB-KEM) is introduced and a notion of chosen ciphertext security is defined for EP-AB-KEMs. We propose an EP-AB-KEM from an existing attribute-based encryption scheme and show that it achieves chosen ciphertext security in the generic group and random oracle models. We present a generic one-round AB-AKE protocol that satisfies our AKE-security notion. The protocol is generically constructed from any EP-AB-KEM that satisfies chosen ciphertext security. Instantiating the generic AB-AKE protocol with our EP-AB-KEM will result in a concrete one-round AB-AKE protocol also secure in the generic group and random oracle models.
Note: A section on hybrid CP-ABE has been added. A few typos have been corrected.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. To appear at ACISP 2010. This is full version with proofs.
- Keywords
- Attribute-based Key ExchangeAttribute-based KEMGroup Key Exchange
- Contact author(s)
- mc gorantla @ gmail com
- History
- 2010-04-24: last of 2 revisions
- 2010-02-22: received
- See all versions
- Short URL
- https://ia.cr/2010/084
- License
-
CC BY