Attribute-Based Encryption for Range Attributes


IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E101-A   No.9   pp.1440-1455
Publication Date: 2018/09/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E101.A.1440
Type of Manuscript: Special Section PAPER (Special Section on Discrete Mathematics and Its Applications)
attribute-based encryption,  range attribute,  generic construction,  

Full Text: PDF(2MB)
>>Buy this Article

Attribute-Based Encryption (ABE) is an advanced form of public-key encryption where access control mechanisms based on attributes and policies are possible. In conventional ABE, attributes are specified as strings. However, there are certain applications where it is useful to specify attributes as numerical values and consider a predicate that determines if a certain numerical range would include a certain value. Examples of these types of attributes include time, position coordinate, person's age, rank, identity, and so on. In this paper, we introduce ABE for boolean formulae over Range Membership (ABE-RM). We show generic methods to convert conventional ABE to ABE-RM. Our generic conversions are efficient as they introduce only logarithmic overheads (in key and ciphertext sizes), as opposed to trivial methods, which would pose linear overheads. By applying our conversion to previous ABE schemes, we obtain new efficient and expressive ABE-RM schemes. Previous works that considered ABE with range attributes are specific and can only deal with either a single relation of range membership (Paterson and Quaglia at SCN'10, and Kasamatsu et al. at SCN'12), or limited classes of policies, namely, only AND-gates of range attributes (Shi et al. at IEEE S&P'07, and some subsequent work). Our schemes are generic and can deal with expressive boolean formulae.