Attribute-Based Encryption with Partially Hidden Ciphertext Policies

Takashi NISHIDE  Kazuki YONEYAMA  Kazuo OHTA  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E92-A   No.1   pp.22-32
Publication Date: 2009/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E92.A.22
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Public Key Cryptography
attribute-based encryption,  recipient anonymity,  access control on encrypted data,  

Full Text: PDF(255.5KB)>>
Buy this Article

We propose attribute-based encryption schemes where encryptor-specified policies (called ciphertext policies) are hidden. By using our schemes, an encryptor can encrypt data with a hidden access control policy. A decryptor obtains her secret key associated with her attributes from a trusted authority in advance and if the attributes associated with the decryptor's secret key do not satisfy the access control policy associated with the encrypted data, the decryptor cannot decrypt the data or guess even what access control policy was specified by the encryptor. We prove security of our construction based on the Decisional Bilinear Diffie-Hellman assumption and the Decision Linear assumption. In our security notion, even the legitimate decryptor cannot obtain the information about the access control policy associated with the encrypted data more than the fact that she can decrypt the data.