Cryptology ePrint Archive: Report 2019/1257

Expressive CP-ABE Scheme Satisfying Constant-Size Keys and Ciphertexts

Dhaval Khandla and Het Shahy and Manish Kumar Bz and Alwyn Roshan Pais and Nishant Raj

Abstract: Ciphertext-policy attribute-based encryption (CP-ABE) is a desirable scheme to use in cloud-based applications, especially on IoT devices. As most of these devices are battery-limited and memory-limited, leading to a constraint in designing a robust and straightforward mechanism involving less computation and less memory. But none of the systems are secure and based on conventional cryptosystems. Here we propose a constant-size secret key and constant-size ciphertext scheme based on RSA cryptosystem, which performs encryption and decryption in O(1) time complexity. We also prove that the scheme is secure and compare it with already existing schemes.

Category / Keywords: public-key cryptography / Ciphertext-policy attribute-based encryption, cloud computing, constant- size secret key, constant-size ciphertext, RSA-based cryptography

Date: received 29 Oct 2019

Contact author: alwyn at nitk ac in, alwyn pais@gmail com

Available format(s): PDF | BibTeX Citation

Note: A security flaw was shown in the scheme of V. Odelu et al. (Expressive cp-abe scheme for mobile devices in IoT satisfying constant-size keys and ciphertexts. IEEE Access, 5:32733283, 2017) by J. Herranz(Attribute-based encryption implies identity-based encryption. IET Information Security, 11(6):332337, 2017). It was proven that the scheme is not collusion resistant, by showing a scenario where users not having required attributes satisfying the policy can collude in order to decipher the ciphertext. It is observed that if the union of attributes of a set of colluding users satisfies the policy, then the attack is possible. Here, we present a modification over the proposed scheme by V. Odelu et al.(Expressive cp-abe scheme for mobile devices in IoT satisfying constant-size keys and ciphertexts. IEEE Access, 5:32733283, 2017) in order to avoid the attack. The proposed scheme is based on the RSA cryptosystem with an AND gate access structure and uses constant-size secret keys and ciphertexts. Also, our scheme performs encryption and decryption efficiently, i.e., in O(1) time complexity.

Version: 20191105:075940 (All versions of this report)

Short URL: ia.cr/2019/1257


[ Cryptology ePrint archive ]