Paper 2021/1325

Decentralized Multi-Authority ABE for NC^1 from Computational-BDH

Pratish Datta, Ilan Komargodski, and Brent Waters


Decentralized multi-authority attribute-based encryption (𝖬𝖠-𝖠𝖡𝖤) is a strengthening of standard ciphertext-policy attribute-based encryption so that there is no trusted central authority: any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. Essentially, any party can act as an authority for some attribute by creating a public key of its own and issuing private keys to different users that reflect their attributes. This paper presents the first 𝖬𝖠-𝖠𝖡𝖤 proven secure under the standard search variant of bilinear Diffie-Hellman (CBDH) and in the random oracle model. Our scheme supports all access policies captured by 𝖭𝖢1 circuits. All previous constructions were proven secure in the random oracle model and additionally were based on decision assumptions such as the DLIN assumption, non-standard 𝑞-type assumptions, or subspace decision assumptions over composite-order bilinear groups.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
attribute-based encryptionmulti-authoritybilinear Diffie-Hellman
Contact author(s)
pratish datta @ ntt-research com
ilank @ cs huji ac il
bwaters @ cs utexas edu
2021-10-05: received
Short URL
Creative Commons Attribution


      author = {Pratish Datta and Ilan Komargodski and Brent Waters},
      title = {Decentralized Multi-Authority ABE for NC^1 from Computational-BDH},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1325},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.