No abstract
This paper contributes to understanding the interplay of security notions for PKE, KEMs, and DEMs, in settings with multiple users, challenges, and instances. We start analytically by first studying (a) the tightness aspects of the standard hybrid KEM+DEM encryption paradigm, (b) the inherent weak security properties of all deterministic DEMs due to generic key-collision attacks in the multi-instance setting, and (c) the negative effect of deterministic DEMs on the security of hybrid encryption.We then switch to the constructive side by (d) introducing the concept of an augmented data encapsulation mechanism (ADEM) that promises robustness against multi-instance attacks, (e) proposing a variant of hybrid encryption that uses an ADEM instead of a DEM to alleviate the problems of the standard KEM+DEM composition, and (f) constructing practical ADEMs that are secure in the multi-instance setting.
A revocable-storage attribute-based encryption (RS-ABE) scheme is an encryption scheme which extends attribute-based encryption by introducing user revocation. A key-policy RS-ABE scheme links each key to an access structure. We propose a new key-policy RS-ABE scheme whose security we prove in term of indistinguishability under a chosen-plaintext attack (IND-CPA).on user revocation and in this paper we design a public-key scheme which enjoys ABE for encryption, while allowing to revoke users arbitrarily. This is the goal of revocablestorage attribute-based encryption (RS-ABE), a scheme described by Lee et al. [8] employing a ciphertext policy. To be more precise, our aim is to build a key-policy version of such scheme and to prove its security in a theoretical framework fit to the application context. Starting from the ideas in [8], we modify concepts and techniques described therein to adapt them to our goals. We observe that a key-policy RS-ABE scheme was independently described by Lee [7], but we employ a different construction and different security assumptions, reaching an independent security result.In Section 2 we describe the RS-ABE framework, and we give the definition of CPA-security. In Section 3 we describe the assumptions required for the security of our scheme. In Section 4 we give an overview of the building blocks of our scheme: Complete Subset (CS), Self-Updatable Encryption (SUE) and key-policy Attribute Based Encryption. In Section 5 we are finally able to describe our scheme in detail and state our main result on its security. Section 6 is entirely devoted to the proof of our claimed theorem. Finally, in Section 7 we discuss the efficiency of our key-policy RS-ABE scheme and draw some conclusions, sketching future work. StructureWe provide a high-level description of a key-policy revocable-storage attribute-based encryption scheme. A is the set of all possible attributes and an access structure A is a set of subsets of A (for a formal definition, see Definition 7). Moreover we denote with U the set of all users. Starting from A and other public parameters, an authority C must create some public information (PI) and two general keys: the general public key and the master key. The public information contains the general setting and is known to everyone. The general public key, which we shorten to public key (PK), can be used by any user to encrypt, even by anyone having access to the system and knowing only PI and PK. The master key (MK) is used only by C to create the users' private keys (no user has a personal public key), when user requests it, and the (general) time-update key (TK), at any time update. The latter is known to everyone and incorporates the information on the updated list of revoked users. In order to decrypt, any user needs her own private key (SK), TK and PI. This scheme is described by seven Probabilistic Polynomial Time (PPT) algorithms.Setup (λ, A, Tmax, Nmax) → (MK, PI, PK). λ is the security parameter, A is the set of all possible attributes, Tmax is the maximum time w...
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.