Paper 2022/1348

ABE for DFA from LWE against Bounded Collusions, Revisited

Hoeteck Wee, NTT Research

We present a new public-key ABE for DFA based on the LWE assumption, achieving security against collusions of a-priori bounded size. Our scheme achieves ciphertext size $\tilde{O}(\ell + B)$ for attributes of length $\ell$ and collusion size $B$. Prior LWE-based schemes has either larger ciphertext size $\tilde{O}(\ell \cdot B)$, or are limited to the secret-key setting. Along the way, we introduce a new technique for lattice trapdoor sampling, which we believe would be of independent interest. Finally, we present a simple candidate public-key ABE for DFA for the unbounded collusion setting.

Available format(s)
Public-key cryptography
Publication info
A minor revision of an IACR publication in TCC 2021
Contact author(s)
wee @ di ens fr
2022-10-14: approved
2022-10-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Hoeteck Wee},
      title = {ABE for DFA from LWE against Bounded Collusions, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1348},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.