Paper 2021/074

Cross-Domain Attribute-Based Access Control Encryption

Mahdi Sedaghat and Bart Preneel


Logic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damg\aa rd et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users' anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been proposed, but they have huge ciphertext and key sizes and/or rely on indistinguishability obfuscation. At IEEE S&P 2021, Wang and Chow proposed a Cross-Domain ACE scheme with constant-size ciphertext and arbitrary identity-based policy; the key generators are separated into two distinct parties, called Sender Authority and Receiver Authority. In this paper, we improve over their work with a novel construction that provides a more expressive access control policy based on attributes rather than on identities, the security of which relies on standard assumptions. Our generic construction combines Structure-Preserving Signatures, Non-Interactive Zero-Knowledge proofs, and Re-randomizable Ciphertext-Policy Attribute-Based Encryption schemes. Moreover, we propose an efficient scheme in which the sizes of ciphertexts and encryption and decryption keys are constant and thus independent of the number of receivers and their attributes. Our experiments demonstrate that not only is our system more flexible, but it also is more efficient and results in shorter decryption keys (reduced from about 100 to 47 bytes) and ciphertexts (reduced from about 1400 to 1047 bytes).

Note: This is the full version of the CANS 2021 paper.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Minor revision. CANS 2021 – 20th International Conference on Cryptology and Network Security
Access Control EncryptionStructure-Preserving SignatureNon-Interactive Zero-Knowledge proofszkSNARKs.
Contact author(s)
ssedagha @ esat kuleuven be
2022-03-26: last of 4 revisions
2021-01-22: received
See all versions
Short URL
Creative Commons Attribution


      author = {Mahdi Sedaghat and Bart Preneel},
      title = {Cross-Domain Attribute-Based Access Control Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2021/074},
      year = {2021},
      doi = {10.1007/978-3-030-92548-2_1},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.