Data User-Based Attribute-Based Encryption

Attribute-Based Encryption (ABE) has emerged as an information-centric public-key cryptographic system which allows a data owner to share data, according to access policy, with multiple data users based on the attributes they possess, without knowing their identities. In the original ABE schemes, a central authority administrates the system and issues secret keys to data users based on their attributes and both the owner and users need to trust a specific CA. However, in certain real-world applications, the data users would not trust anyone but themselves. For such situations, we introduce a new decentralization model of ABE, termed Data User-based ABE (DU-ABE), which is managed jointly by the data users. DU-ABE is the first decentralized ABE scheme that replaces the authorities with the data users without employing any other extra entities.Comment: 5 pages, 1 figure

Collusion Attacks on Decentralized Attributed-Based Encryption: Analyses and a Solution

Attribute-based Encryption (ABE) is an information centric security solution that moves beyond traditional restrictions of point-to-point encryption by allowing for flexible, fine-grain policy-based and content-based access control that is cryptographically enforced. As the original ABE systems are managed by a single authority, several efforts have decentralized different ABE schemes to address the key escrow problem, where the authority can issue secret keys to itself to decrypt all the ciphertext. However, decentralized ABE (DABE) schemes raise the issue of collusion attacks. In this paper, we review two existing types of collusion attacks on DABE systems, and introduce a new type of collusion among authorities and data users. We show that six existing DABE systems are vulnerable to the newly introduced collusion and propose a model to secure one of the DABE schemes