Skip to main content
SpringerLink
Log in

Revocable Decentralized Multi-Authority Functional Encryption

  • Conference paper
  • First Online:
Progress in Cryptology – INDOCRYPT 2016 (INDOCRYPT 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10095))

Included in the following conference series:

Abstract

Attribute-Based Encryption (ABE) is regarded as one of the most desirable cryptosystems realizing data security in the cloud storage systems. Functional Encryption (FE) which includes ABE and the ABE system with multiple authorities are studied actively today. However, ABE has the attribute revocation problem. In this paper, we propose a new revocation scheme using update information, i.e., revocation patch (not update key), in which an encryptor does not need to care about the revocation list. We propose an FE scheme with multiple authorities and no central authority supporting revocation by using revocation patch. Our proposal realizes the revocation on the attribute level. More precisely, we introduce the new concept, i.e., the revocation on the category level that is a generalization of attribute level. We prove that our construction is adaptively secure against chosen plaintext attacks and static corruption of authorities based on the decisional linear (DLIN) assumption.

This work was completed while the corresponding author was a graduate student at University of Tsukuba.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The scheme of [8] can hide the revocation list (i.e., identities of revoked users) specified for ciphertexts in a provably secure way, but an encryptor needs to care about revocation lists. We note that an encryptor does not have to care about the revocation list in the schemes supporting indirect revocation [4, 11, 21] and our scheme. However, we note that the aim of the indirect revocation [4, 11, 21] and our scheme is not to hide the revocation list specified for ciphertexts in a provably secure way.

  2. 2.

    We define a user’s attribute revocation list with its version \(\mathsf {v}_{t}\): \({r\ell }_\mathsf{{v}_{t}}\subseteq \{1,\ldots ,{N}_{max,t}\}\).

  3. 3.

    We assume that a revoked user can become unrevoked again (possibly several times) after the user was revoked.

  4. 4.

    Here, we define \(\mathsf {FindNode}:{\{0,1\}}^{*}\times \{(t,\vec {x}_{A,t})\}\times \mathbb {N}\cup \{0\}\rightarrow \{1,\ldots ,{N}_{max,t}\}\). The \(\mathsf {FindNode}\) is not a priori function. An attribute authority assigns \((\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\) to the \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\)-th leaf node newly and uniquely every time the user key is issued. We remark that an attribute authority can decide how to choose a leaf by itself as long as the assignment is unique. Then, let “user u” in the subset-cover revocation framework equal \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})\). That is, \(\mathsf {FindNode}(\mathsf {gid},(t,\vec {x}_{A,t}),\mathsf {rt})=u\in \{1,\ldots ,{N}_{max,t}\}\).

  5. 5.

    We note that actually each authority can manage several attribute categories.

  6. 6.

    For example, a user is initially unrevoked, and the user may be revoked. If the user becomes unrevoked again, then rt is 1.

References

  1. Attrapadung, N., Imai, H.: Conjunctive broadcast and attribute-based encryption. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 248–265. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03298-1_16

    Chapter  Google Scholar 

  2. Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) IMACC 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009). doi:10.1007/978-3-642-10868-6_17

    Chapter  Google Scholar 

  3. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, pp. 321–334 (2007)

    Google Scholar 

  4. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM CCS 2008, pp. 417–426 (2008)

    Google Scholar 

  5. Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19571-6_16

    Chapter  Google Scholar 

  6. Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). doi:10.1007/978-3-540-70936-7_28

    Chapter  Google Scholar 

  7. Datta, P., Dutta, R., Mukhopadhyay, S.: Adaptively secure unrestricted attribute-based encryption with subset difference revocation in bilinear groups of prime order. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 325–345. Springer, Heidelberg (2016). doi:10.1007/978-3-319-31517-1_17

    Chapter  Google Scholar 

  8. González-Nieto, J.M., Manulis, M., Sun, D.: Fully private revocable predicate encryption. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 350–363. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31448-3_26

    Chapter  Google Scholar 

  9. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM CCS 2006, pp. 89–98 (2006)

    Google Scholar 

  10. Horváth, M.: Attribute-based encryption optimized for cloud computing. In: Italiano, G.F., Margaria-Steffen, T., Pokorný, J., Quisquater, J.-J., Wattenhofer, R. (eds.) SOFSEM 2015. LNCS, vol. 8939, pp. 566–577. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46078-8_47

    Google Scholar 

  11. Lee, K., Choi, S.G., Lee, D.H., Park, J.H., Yung, M.: Self-updatable encryption: time constrained access control with hidden attributes and better efficiency. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 235–254. Springer, Heidelberg (2013). doi:10.1007/978-3-642-42033-7_13

    Chapter  Google Scholar 

  12. Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20465-4_31

    Chapter  Google Scholar 

  13. Lewko, A.B.: Functional encryption: new proof techniques and advancing capabilities. Ph.D. thesis, The University of Texas (2012)

    Google Scholar 

  14. Müller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute-based encryption. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 20–36. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00730-9_2

    Chapter  Google Scholar 

  15. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). doi:10.1007/3-540-44647-8_3

    Chapter  Google Scholar 

  16. Okamoto, T., Takashima, K.: Fully secure functional encryption with general relations from the decisional linear assumption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 191–208. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_11

    Chapter  Google Scholar 

  17. Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_22

    Chapter  Google Scholar 

  18. Okamoto, T., Takashima, K.: Decentralized attribute-based signatures. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 125–142. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36362-7_9

    Chapter  Google Scholar 

  19. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: ACM CCS 2007, pp. 195–203 (2007)

    Google Scholar 

  20. Qian, J., Dong, X.: Fully secure revocable attribute-based encryption. J. Shanghai Jiaotong Univ. (Sci.) 16(4), 490–496 (2011)

    Article  MATH  Google Scholar 

  21. Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 199–217. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32009-5_13

    Chapter  Google Scholar 

  22. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi:10.1007/11426639_27

    Chapter  Google Scholar 

  23. The full version of this paper. It will appear in the IACR Cryptology ePrint Archive. https://eprint.iacr.org/

Download references

Acknowledgements

This work was supported in part by JSPS KAKENHI Grant Number 26330151 and JSPS and DST under the Japan - India Science Cooperative Program. The authors would like to thank anonymous reviewers for their useful comments.

Author information

Authors and Affiliations

  1. NEC Corporation, 1753, Shimonumabe, Nakahara-Ku, Kawasaki, Kanagawa, 211-8666, Japan

    Hikaru Tsuchida

  2. Faculty of Engineering, Information and Systems, University of Tsukuba, 1-1-1 Tennodai, Tsukuba, Ibaraki, 305-8573, Japan

    Takashi Nishide & Eiji Okamoto

  3. Computer Science Department, KAIST, 291 Daehak-ro, Yuseong-gu, Daejeon, 305-701, Korea

    Kwangjo Kim

Authors
  1. Hikaru Tsuchida
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Takashi Nishide
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Eiji Okamoto
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kwangjo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hikaru Tsuchida .

Editor information

Editors and Affiliations

  1. University of Haifa , Haifa, Israel

    Orr Dunkelman

  2. Indraprashtha Institute of Information Technology (IIIT-D), New Delhi, India

    Somitra Kumar Sanadhya

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Tsuchida, H., Nishide, T., Okamoto, E., Kim, K. (2016). Revocable Decentralized Multi-Authority Functional Encryption. In: Dunkelman, O., Sanadhya, S. (eds) Progress in Cryptology – INDOCRYPT 2016. INDOCRYPT 2016. Lecture Notes in Computer Science(), vol 10095. Springer, Cham. https://doi.org/10.1007/978-3-319-49890-4_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49890-4_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49889-8

  • Online ISBN: 978-3-319-49890-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation