Skip to main content
SpringerLink
Log in

GLUE: Generalizing Unbounded Attribute-Based Encryption for Flexible Efficiency Trade-Offs

  • Conference paper
  • First Online:
Public-Key Cryptography – PKC 2023 (PKC 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13940))

Included in the following conference series:

Abstract

Ciphertext-policy attribute-based encryption is a versatile primitive that has been considered extensively to securely manage data in practice. Especially completely unbounded schemes are attractive, because they do not restrict the sets of attributes and policies. So far, any such schemes that support negations in the access policy or that have online/offline extensions have an inefficient decryption algorithm.

In this work, we propose GLUE (Generalized, Large-universe, Unbounded and Expressive), which is a novel scheme that allows for the efficient implementation of the decryption while allowing the support of both negations and online/offline extensions. We achieve these properties simultaneously by uncovering an underlying dependency between encryption and decryption, which allows for a flexible trade-off in their efficiency. For the security proof, we devise a new technique that enables us to generalize multiple existing schemes. As a result, we obtain a completely unbounded scheme supporting negations that, to the best of our knowledge, outperforms all existing such schemes in the decryption algorithm.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In this paper, we will use the terms “sets of attributes” and “(attribute) sets” to refer to the attributes associated with the secret keys. We use the term “universe of attributes” to refer to the total set of attributes that can be used in the system.

  2. 2.

    For example, parameters such as those in schemes with a flexible efficiency trade-off (e.g., [12, 52]) or the number of re-uses of the same attribute in the policy (e.g., [35]).

  3. 3.

    Although approximated theoretically, we expect our estimates to be close to the costs of actual implementations [54].

References

  1. Agrawal, S., Chase, M.: A study of pair encodings: predicate encryption in prime order groups. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 259–288. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49099-0_10

    Chapter  MATH  Google Scholar 

  2. Agrawal, S., Chase, M.: FAME: fast attribute-based message encryption. In: CCS, pp. 665–682. ACM (2017)

    Google Scholar 

  3. Agrawal, S., Chase, M.: Simplifying design and analysis of complex predicate encryption schemes. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 627–656. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56620-7_22

    Chapter  Google Scholar 

  4. Agrawal, S., Chase, M.: Simplifying design and analysis of complex predicate encryption schemes. Cryptology ePrint Archive, Report 2017/233 (2017)

    Google Scholar 

  5. Akinyele, J.A., et al.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3(2), 111–128 (2013)

    Article  Google Scholar 

  6. Ambrona, M.: Generic negation of pair encodings. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12711, pp. 120–146. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75248-4_5

    Chapter  Google Scholar 

  7. Ambrona, M., Barthe, G., Gay, R., Wee, H.: Attribute-based encryption in the generic group model: Automated proofs and new constructions. In: CCS, pp. 647–664. ACM (2017)

    Google Scholar 

  8. Aranha, D.F., Gouvêa, C.P.L., Markmann, T., Wahby, R.S., Liao, K.: RELIC is an Efficient LIbrary for Cryptography. https://github.com/relic-toolkit/relic (2020)

  9. Attrapadung, N.: Dual system encryption via doubly selective security: framework, fully secure functional encryption for regular languages, and more. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 557–577. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_31

    Chapter  Google Scholar 

  10. Attrapadung, N.: Dual system encryption framework in prime-order groups via computational pair encodings. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 591–623. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6_20

    Chapter  MATH  Google Scholar 

  11. Attrapadung, N.: Unbounded dynamic predicate compositions in attribute-based encryption. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 34–67. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_2

    Chapter  MATH  Google Scholar 

  12. Attrapadung, N., Hanaoka, G., Matsumoto, T., Teruya, T., Yamada, S.: Attribute based encryption with direct efficiency tradeoff. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 249–266. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_14

    Chapter  Google Scholar 

  13. Attrapadung, N., Libert, B., de Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 90–108. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_6

    Chapter  MATH  Google Scholar 

  14. Attrapadung, N., Tomida, J.: Unbounded dynamic predicate compositions in ABE from standard assumptions. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12493, pp. 405–436. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64840-4_14

    Chapter  MATH  Google Scholar 

  15. Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_19

    Chapter  Google Scholar 

  16. Beimel, A.: Secure schemes for secret sharing and key distribution, Ph. D. thesis, Ben Gurion University (1996)

    Google Scholar 

  17. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: S &P, pp. 321–334. IEEE (2007)

    Google Scholar 

  18. Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_14

    Chapter  Google Scholar 

  19. Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_26

    Chapter  Google Scholar 

  20. Brickell, E.F., Gordon, D.M., McCurley, K.S., Wilson, D.B.: Fast exponentiation with precomputation. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 200–207. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-47555-9_18

    Chapter  Google Scholar 

  21. Chen, J., Gay, R., Wee, H.: Improved dual system ABE in prime-order groups via predicate encodings. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 595–624. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_20

    Chapter  Google Scholar 

  22. Chen, J., Gong, J., Kowalczyk, L., Wee, H.: Unbounded ABE via bilinear entropy expansion, revisited. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 503–534. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_19

    Chapter  Google Scholar 

  23. Clarisse, R., Duquesne, S., Sanders, O.: Curves with fast computations in the first pairing group. In: Krenn, S., Shulman, H., Vaudenay, S. (eds.) CANS 2020. LNCS, vol. 12579, pp. 280–298. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-65411-5_14

    Chapter  Google Scholar 

  24. ETSI: ETSI TS 103 458 (V1.1.1). Technical specification, European Telecommunications Standards Institute (ETSI) (2018)

    Google Scholar 

  25. ETSI: ETSI TS 103 532 (V1.1.1). Technical specification, European Telecommunications Standards Institute (ETSI) (2018)

    Google Scholar 

  26. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: CCS. ACM (2006)

    Google Scholar 

  27. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. Cryptology ePrint Archive, Report 2006/309 (2006)

    Google Scholar 

  28. Guillevic, A.: A short-list of pairing-friendly curves resistant to special TNFS at the 128-Bit security level. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 535–564. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45388-6_19

    Chapter  Google Scholar 

  29. Guillevic, A., Singh, S.: On the alpha value of polynomials in the tower number field sieve algorithm. Cryptology ePrint Archive, Report 2019/885 (2019)

    Google Scholar 

  30. Hamburg, M.: Spatial encryption. Cryptology ePrint Archive, Report 2011/389 (2011)

    Google Scholar 

  31. Hohenberger, S., Waters, B.: Online/offline attribute-based encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 293–310. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_17

    Chapter  Google Scholar 

  32. Hu, C.T., et al.: Guide to attribute based access control (ABAC) definition and considerations (2019). https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=927500

  33. Kachisa, E.J., Schaefer, E.F., Scott, M.: Constructing brezing-weng pairing-friendly elliptic curves using elements in the cyclotomic field. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 126–135. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85538-5_9

    Chapter  MATH  Google Scholar 

  34. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., et al. (eds.) FC 2010. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14992-4_13

    Chapter  Google Scholar 

  35. Kowalczyk, L., Wee, H.: Compact adaptively secure ABE for \(\sf NC^1\) from k-Lin. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 3–33. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_1

    Chapter  Google Scholar 

  36. Ladd, W., Venema, M., Verma, T.: Portunus: Re-imagining access control in distributed systems. Cryptology ePrint Archive, Paper 2023/094 (2023)

    Google Scholar 

  37. Lewko, A., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: IEEE S & P, pp. 273–285 (2010)

    Google Scholar 

  38. Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_31

    Chapter  Google Scholar 

  39. Lewko, A., Waters, B.: Unbounded HIBE and attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 547–567. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_30

    Chapter  Google Scholar 

  40. Lin, H., Luo, J.: Compact adaptively secure ABE from k-lin: Beyond nc\({}^{\text{1}}\) and towards NL. Cryptology ePrint Archive, Paper 2020/318 (2020)

    Google Scholar 

  41. Möller, B.: Algorithms for multi-exponentiation. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 165–180. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45537-X_13

    Chapter  Google Scholar 

  42. Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_22

    Chapter  Google Scholar 

  43. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: CCS, pp. 195–203. ACM (2007)

    Google Scholar 

  44. de la Piedra, A., Venema, M., Alpár, G.: ABE squared: Accurately benchmarking efficiency of attribute-based encryption. TCHES 2022(2), 192–239 (2022)

    Article  Google Scholar 

  45. Rouselakis, Y., Waters, B.: Practical constructions and new proof methods for large universe attribute-based encryption. In: CCS, pp. 463–474. ACM (2013)

    Google Scholar 

  46. Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 199–217. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_13

    Chapter  Google Scholar 

  47. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  48. Santos, N., Rodrigues, R., Gummadi, K.P., Saroiu, S.: Policy-sealed data: a new abstraction for building trusted cloud services. In: USENIX Security Symposium, pp. 175–188. USENIX Association (2012)

    Google Scholar 

  49. Tomida, J., Kawahara, Y., Nishimaki, R.: Fast, compact, and expressive attribute-based encryption. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12110, pp. 3–33. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45374-9_1

    Chapter  Google Scholar 

  50. Venema, M.: A practical compiler for attribute-based encryption: new decentralized constructions and more. In: To appear at CT-RSA 2023. Springer (2023). Cryptology ePrint Archive, Paper 2023/143

    Google Scholar 

  51. Venema, M., Alpár, G.: Performance estimates for the GLUE paper. https://github.com/mtcvenema/glue

  52. Venema, M., Alpár, G.: TinyABE: Unrestricted ciphertext-policy attribute-based encryption for embedded devices and low-quality networks. In: Batina, L., Daemen, J. (eds.) Progress in Cryptology - AFRICACRYPT 2022. AFRICACRYPT 2022. Lecture Notes in Computer Science, vol. 13503, pp. 103–129. Springer (2022). https://doi.org/10.1007/978-3-031-17433-9_5

  53. Venema, M., Alpár, G., Hoepman, J.: Systematizing core properties of pairing-based attribute-based encryption to uncover remaining challenges in enforcing access control in practice. Des. Codes Cryptogr. 91(1), 165–220 (2023)

    Article  MathSciNet  MATH  Google Scholar 

  54. Venema, M., Alpàr, G.: Glue: Generalizing unbounded attribute-based encryption for flexible efficiency trade-offs. Cryptology ePrint Archive, Paper 2022/613 (2022)

    Google Scholar 

  55. Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. Cryptology ePrint Archive, Report 2008/290 (2008)

    Google Scholar 

  56. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4

    Chapter  Google Scholar 

  57. Yamada, S., Attrapadung, N., Hanaoka, G., Kunihiro, N.: A framework and compact constructions for non-monotonic attribute-based encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 275–292. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54631-0_16

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Wuppertal, Wuppertal, Germany

    Marloes Venema

  2. Radboud University, Nijmegen, The Netherlands

    Marloes Venema & Greg Alpár

  3. Open University of the Netherlands, Heerlen, The Netherlands

    Greg Alpár

Authors
  1. Marloes Venema
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Greg Alpár
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marloes Venema .

Editor information

Editors and Affiliations

  1. Georgia Institute of Technology, Atlanta, GA, USA

    Alexandra Boldyreva

  2. Georgia Institute of Technology, Atlanta, GA, USA

    Vladimir Kolesnikov

Rights and permissions

Reprints and permissions

Copyright information

© 2023 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Venema, M., Alpár, G. (2023). GLUE: Generalizing Unbounded Attribute-Based Encryption for Flexible Efficiency Trade-Offs. In: Boldyreva, A., Kolesnikov, V. (eds) Public-Key Cryptography – PKC 2023. PKC 2023. Lecture Notes in Computer Science, vol 13940. Springer, Cham. https://doi.org/10.1007/978-3-031-31368-4_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-31368-4_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-31367-7

  • Online ISBN: 978-3-031-31368-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation