We prove that our scheme is semi-adaptively secure, namely, the adversary can choose the challenge attribute after seeing the public parameters (but before any decryption keys). Previous LWE-based constructions were only able to achieve selective security. (We stress that the complexity leveraging technique is not applicable for unbounded attributes.)
We believe that our techniques are of interest at least as much as our end result. Fundamentally, selective security and bounded attributes are both shortcomings that arise out of the current LWE proof techniques that program the challenge attributes into the public parameters. The LWE toolbox we develop in this work allows us to "delay" this programming. In a nutshell, the new tools include a way to generate an a-priori unbounded sequence of LWE matrices, and have fine-grained control over which trapdoor is embedded in each and every one of them, all with succinct representation.
Category / Keywords: public-key cryptography / attribute-based encryption Date: received 11 Feb 2016, last revised 13 Mar 2016 Contact author: vinodv at mit edu Available format(s): PDF | BibTeX Citation Note: Typo fixed. Version: 20160313:151312 (All versions of this report) Short URL: ia.cr/2016/118 Discussion forum: Show discussion | Start new discussion