Attribute-sets: A practically motivated enhancement to attribute-based encryption

Rakesh Bobba; Himanshu Khurana; Manoj Prabhakaran

doi:10.1007/978-3-642-04444-1_36

Attribute-sets: A practically motivated enhancement to attribute-based encryption

Rakesh Bobba, Himanshu Khurana, Manoj Prabhakaran

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In distributed systems users need to share sensitive objects with others based on the recipients' ability to satisfy a policy. Attribute-Based Encryption (ABE) is a new paradigm where such policies are specified and cryptographically enforced in the encryption algorithm itself. Ciphertext-Policy ABE (CP-ABE) is a form of ABE where policies are associated with encrypted data and attributes are associated with keys. In this work we focus on improving the flexibility of representing user attributes in keys. Specifically, we propose Ciphertext Policy Attribute Set Based Encryption (CP-ASBE) - a new form of CP-ABE - which, unlike existing CP-ABE schemes that represent user attributes as a monolithic set in keys, organizes user attributes into a recursive set based structure and allows users to impose dynamic constraints on how those attributes may be combined to satisfy a policy. We show that the proposed scheme is more versatile and supports many practical scenarios more naturally and efficiently. We provide a prototype implementation of our scheme and evaluate its performance overhead.

Original language	English (US)
Title of host publication	Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings
Pages	587-604
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-04444-1_36
State	Published - 2009
Externally published	Yes
Event	14th European Symposium on Research in Computer Security, ESORICS 2009 - Saint-Malo, France Duration: Sep 21 2009 → Sep 23 2009

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5789 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	14th European Symposium on Research in Computer Security, ESORICS 2009
Country/Territory	France
City	Saint-Malo
Period	9/21/09 → 9/23/09

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Online availability

10.1007/978-3-642-04444-1_36

Library availability

Discover UIUC Full Text

Cite this

Bobba, R., Khurana, H., & Prabhakaran, M. (2009). Attribute-sets: A practically motivated enhancement to attribute-based encryption. In Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings (pp. 587-604). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5789 LNCS). https://doi.org/10.1007/978-3-642-04444-1_36

Attribute-sets: A practically motivated enhancement to attribute-based encryption. / Bobba, Rakesh; Khurana, Himanshu; Prabhakaran, Manoj.
Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. p. 587-604 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5789 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Bobba, R, Khurana, H & Prabhakaran, M 2009, Attribute-sets: A practically motivated enhancement to attribute-based encryption. in Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5789 LNCS, pp. 587-604, 14th European Symposium on Research in Computer Security, ESORICS 2009, Saint-Malo, France, 9/21/09. https://doi.org/10.1007/978-3-642-04444-1_36

Bobba R, Khurana H, Prabhakaran M. Attribute-sets: A practically motivated enhancement to attribute-based encryption. In Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. p. 587-604. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-04444-1_36

Bobba, Rakesh ; Khurana, Himanshu ; Prabhakaran, Manoj. / Attribute-sets : A practically motivated enhancement to attribute-based encryption. Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings. 2009. pp. 587-604 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{db147b54d03d4a2d9b55c37e674c6e01,

title = "Attribute-sets: A practically motivated enhancement to attribute-based encryption",

abstract = "In distributed systems users need to share sensitive objects with others based on the recipients' ability to satisfy a policy. Attribute-Based Encryption (ABE) is a new paradigm where such policies are specified and cryptographically enforced in the encryption algorithm itself. Ciphertext-Policy ABE (CP-ABE) is a form of ABE where policies are associated with encrypted data and attributes are associated with keys. In this work we focus on improving the flexibility of representing user attributes in keys. Specifically, we propose Ciphertext Policy Attribute Set Based Encryption (CP-ASBE) - a new form of CP-ABE - which, unlike existing CP-ABE schemes that represent user attributes as a monolithic set in keys, organizes user attributes into a recursive set based structure and allows users to impose dynamic constraints on how those attributes may be combined to satisfy a policy. We show that the proposed scheme is more versatile and supports many practical scenarios more naturally and efficiently. We provide a prototype implementation of our scheme and evaluate its performance overhead.",

author = "Rakesh Bobba and Himanshu Khurana and Manoj Prabhakaran",

year = "2009",

doi = "10.1007/978-3-642-04444-1_36",

language = "English (US)",

isbn = "3642044433",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "587--604",

booktitle = "Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings",

note = "14th European Symposium on Research in Computer Security, ESORICS 2009 ; Conference date: 21-09-2009 Through 23-09-2009",

}

TY - GEN

T1 - Attribute-sets

T2 - 14th European Symposium on Research in Computer Security, ESORICS 2009

AU - Bobba, Rakesh

AU - Khurana, Himanshu

AU - Prabhakaran, Manoj

PY - 2009

Y1 - 2009

N2 - In distributed systems users need to share sensitive objects with others based on the recipients' ability to satisfy a policy. Attribute-Based Encryption (ABE) is a new paradigm where such policies are specified and cryptographically enforced in the encryption algorithm itself. Ciphertext-Policy ABE (CP-ABE) is a form of ABE where policies are associated with encrypted data and attributes are associated with keys. In this work we focus on improving the flexibility of representing user attributes in keys. Specifically, we propose Ciphertext Policy Attribute Set Based Encryption (CP-ASBE) - a new form of CP-ABE - which, unlike existing CP-ABE schemes that represent user attributes as a monolithic set in keys, organizes user attributes into a recursive set based structure and allows users to impose dynamic constraints on how those attributes may be combined to satisfy a policy. We show that the proposed scheme is more versatile and supports many practical scenarios more naturally and efficiently. We provide a prototype implementation of our scheme and evaluate its performance overhead.

AB - In distributed systems users need to share sensitive objects with others based on the recipients' ability to satisfy a policy. Attribute-Based Encryption (ABE) is a new paradigm where such policies are specified and cryptographically enforced in the encryption algorithm itself. Ciphertext-Policy ABE (CP-ABE) is a form of ABE where policies are associated with encrypted data and attributes are associated with keys. In this work we focus on improving the flexibility of representing user attributes in keys. Specifically, we propose Ciphertext Policy Attribute Set Based Encryption (CP-ASBE) - a new form of CP-ABE - which, unlike existing CP-ABE schemes that represent user attributes as a monolithic set in keys, organizes user attributes into a recursive set based structure and allows users to impose dynamic constraints on how those attributes may be combined to satisfy a policy. We show that the proposed scheme is more versatile and supports many practical scenarios more naturally and efficiently. We provide a prototype implementation of our scheme and evaluate its performance overhead.

UR - http://www.scopus.com/inward/record.url?scp=70350357342&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350357342&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-04444-1_36

DO - 10.1007/978-3-642-04444-1_36

M3 - Conference contribution

AN - SCOPUS:70350357342

SN - 3642044433

SN - 9783642044434

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 587

EP - 604

BT - Computer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings

Y2 - 21 September 2009 through 23 September 2009

ER -

Attribute-sets: A practically motivated enhancement to attribute-based encryption

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this