Paper 2014/1028

Security Weaknesses of an "Anonymous Attribute Based Encryption" appeared in ASIACCS'13

Payal Chaudhari, Manik Lal Das, and Anish Mathuria

Abstract

Attribute-based Encryption (ABE) has found enormous application in fine-grained access control of shared data, particularly in public cloud. In 2013, Zhang et al proposed a scheme called match-then-decrypt [1], where before running the decryption algorithm the user requires to perform a match operation with attribute(s) that provides the required information to identify whether a particular user is the intended recipient for the ciphertext. As in [1], the match-then-decrypt operation saves the computational cost at the receiver and the scheme supports receivers' anonymity. In this paper, we show that Zhang et al's scheme [1] does not support receivers' anonymity. Any legitimate user or an adversary can successfully check whether an attribute is required in the matching phase, in turn, can reveal the receivers' identity from the attribute.

Note: Minor changes in title, abstract and email id due to typo.

Metadata
Available format(s)
PDF
Publication info
Preprint.
Keywords
Attribute Based EncryptionAnonymityAnonymous EncryptionBilinear Pairing
Contact author(s)
payal ldrp @ gmail com
History
2015-01-05: revised
2015-01-02: received
See all versions
Short URL
https://ia.cr/2014/1028
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/1028,
      author = {Payal Chaudhari and Manik Lal Das and Anish Mathuria},
      title = {Security Weaknesses of an "Anonymous Attribute Based Encryption" appeared in {ASIACCS}'13},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/1028},
      year = {2014},
      url = {https://eprint.iacr.org/2014/1028}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.