Cryptology ePrint Archive: Report 2021/1172

Systematizing Core Properties of Pairing-Based Attribute-Based Encryption to Uncover Remaining Challenges in Enforcing Access Control in Practice

Marloes Venema and Greg Alpár and Jaap-Henk Hoepman

Abstract: Attribute-based encryption (ABE) cryptographically implements fine-grained access control on data. As such, data can be stored by an entity that is not necessarily trusted to enforce access control, or an entity that is not even trusted to have access to the plaintext data at all. Instead, access control can be externally enforced by a trusted entity. Additionally, some multi-authority variants of ABE (which do not have a central authority) can effectively and securely implement access control in multiple-domain settings. Furthermore, ABE is the only cryptographic approach to fine-grained access control that does not require an online trusted third party during access requests, and thus provides better availability properties.

Many schemes use pairings due to their versatility and efficiency. In the last sixteen years, much progress has been made in pairing-based ABE. Along the way, several important core properties have been proposed. Nowadays, it is possible to support most core functionality under strong security guarantees, while incurring acceptable storage and computational costs. It is therefore a good time to ask ourselves whether pairing-based ABE has reached its full potential. To answer this question, we provide a comprehensive systemized overview of various existing pairing-based ABE schemes and their properties. We use this overview to analyze how the core properties are realized, and whether they are compatible with one another. Furthermore, we investigate the relationship between the ABE properties and real-world properties such as confidentiality, integrity, and availability. In our analyses, we uncover some remaining challenges, which we pose as open problems. If these can be solved, ABE reaches its full potential, implementing efficient and secure access control.

Category / Keywords: public-key cryptography / attribute-based encryption, access control, systematization of knowledge

Date: received 13 Sep 2021

Contact author: m venema at cs ru nl, g alpar at cs ru nl, jhh at cs ru nl


Version: 20210914:175908

Short URL: ia.cr/2021/1172

