Paper 2016/1089

Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms

Jérémy Chotard, Duong Hieu Phan, and David Pointcheval


Attribute-Based Encryption (ABE) allows to target the recipients of a message according to a policy expressed as a predicate among some attributes. Ciphertext-policy ABE schemes can choose the policy at the encryption time. In this paper, we define a new property for ABE: homomorphic-policy. A combiner is able to (publicly) combine ciphertexts under different policies into a ciphertext under a combined policy (AND or OR). More precisely, using linear secret sharing schemes, we design Attribute-Based Key Encapsulation Mechanisms (ABKEM) with the Homomorphic-Policy property: given several encapsulations of the same keys under various policies, anyone can derive an encapsulation of the same key under any combination of the policies. As an application, in Pay-TV, this allows to separate the content providers that can generate the encapsulations of a session key under every attributes, this key being used to encrypt the payload, and the service providers that build the decryption policies according to the subscriptions. The advantage is that the aggregation of the encapsulations by the service providers does not contain any secret information.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Attribute-Based EncryptionHomomorphic-PolicyLSSS
Contact author(s)
duong-hieu phan @ unilim fr
2016-11-22: received
Short URL
Creative Commons Attribution


      author = {Jérémy Chotard and Duong Hieu Phan and David Pointcheval},
      title = {Homomorphic-Policy Attribute-Based Key Encapsulation Mechanisms},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1089},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.