You can view the full text of this article for using the link below.
Title: Attribute-based encryption without key cloning
Authors: M. Jason Hinek; Shaoquan Jiang; Reihaneh Safavi-Naini; Siamak F. Shahandashti
Cheriton School of Computer Science, University of Waterloo, 200 University Ave West, Waterloo, Ontario, N2L 3G1, Canada.
School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China.
Department of Computer Science, University of Calgary, 2500 University Drive, NW, Calgary, Alberta, T2N 1N4, Canada.
Equipe Cryptographie, Département d'Informatique, École Normale Supérieure, 45 rue d'Ulm, 75230 Paris Cedex 05 France
Abstract: In this work, we consider the problem of key cloning in attribute-based encryption schemes. We introduce a new type of attribute-based encryption scheme, called token-based attribute-based encryption (tk-ABE) that provides strong deterrence for key cloning, in the sense that delegation of keys reveals some personal information about the user. It also has the feature that a misbehaving user can be easily revoked. We formalise the security requirements for such a scheme in terms of indistinguishability of the ciphertexts and two new security requirements which we call uncloneability and privacy-preserving. We construct a privacy-preserving uncloneable token-based attribute-based encryption scheme based on Cheung and Newport's ciphertext-policy attribute-based encryption scheme and prove the scheme satisfies the above three security requirements. We also introduce the notion of non-interactive uncloneable attribute-based encryption in order to remove the online token server in the tk-ABE. We then construct such a new scheme with provable security. It should be pointed out that, although our non-interactive scheme is token-free, the scheme does not have the capability to easily revoke users from the scheme. Hence, both types of schemes have their own merits of existence.
Keywords: attribute-based encryption; ABE; access control; key delegation; user revocation; cryptography; key cloning; privacy preservation; security requirements.
Int. J. of Applied Cryptography, 2012 Vol.2, No.3, pp.250 - 270
Date of acceptance: 12 Sep 2011
Available online: 26 Feb 2012