Cryptology ePrint Archive: Report 2021/074

Cross-Domain Attribute-Based Access Control Encryption

Mahdi Sedaghat and Bart Preneel

Abstract: Logic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damgå rd et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users' anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been proposed, but they have huge ciphertext and key sizes and/or rely on indistinguishability obfuscation. At IEEE S&P 2021, Wang and Chow proposed a Cross-Domain ACE scheme with constant-size ciphertext and arbitrary identity-based policy; the key generators are separated into two distinct parties, called Sender Authority and Receiver Authority. In this paper, we improve over their work with a novel construction that provides a more expressive access control policy based on attributes rather than on identities, the security of which relies on standard assumptions. Our generic construction combines Structure-Preserving Signatures, Non-Interactive Zero-Knowledge proofs, and Re-randomizable Ciphertext-Policy Attribute-Based Encryption schemes. Moreover, we propose an efficient scheme in which the sizes of ciphertexts and encryption and decryption keys are constant and thus independent of the number of receivers and their attributes. Our experiments demonstrate that not only is our system more flexible, but it also is more efficient and results in shorter decryption keys (reduced from about 100 to 47 bytes) and ciphertexts (reduced from about 1400 to 1047).

Category / Keywords: public-key cryptography / Access Control Encryption; Ciphertext-Policy Attribute-Based Encryption; Structure-Preserving Signature; Non-Interactive Zero-Knowledge proofs; zkSNARKs.

Original Publication (with minor differences): CANS 2021 – 20th International Conference on Cryptology and Network Security
DOI:
10.1007/978-3-030-92548-2_1

Date: received 21 Jan 2021, last revised 13 Dec 2021

Contact author: ssedagha at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the CANS 2021 paper.

Version: 20211213:101841 (All versions of this report)

Short URL: ia.cr/2021/074


[ Cryptology ePrint archive ]