Security analysis of a privacy-preserving decentralized key-policy attribute-based encryption scheme

In a decentralized attribute-based encryption (ABE) system, any party can act as an authority by creating a public key and issuing private keys to different users that reflect their attributes without any collaboration. Such an ABE scheme can eliminate the burden of heavy communication and collaborative computation in the setup phase of multiauthority ABE schemes, thus is considered more preferable. Recently in IEEE Transactions Parallel Distributed Systems, Han et al. proposed an interesting privacy-preserving decentralized key-policy ABE scheme, which was claimed to achieve better privacy for users and to be provably secure in the standard model. However, after carefully revisiting the scheme, we conclude that their scheme cannot resist the collusion attacks, hence fails to meet the basic security definitions of the ABE system. © 1990-2012 IEEE.In a decentralized attribute-based encryption (ABE) system, any party can act as an authority by creating a public key and issuing private keys to different users that reflect their attributes without any collaboration. Such an ABE scheme can eliminate the burden of heavy communication and collaborative computation in the setup phase of multiauthority ABE schemes, thus is considered more preferable. Recently in IEEE Transactions Parallel Distributed Systems, Han et al. proposed an interesting privacy-preserving decentralized key-policy ABE scheme, which was claimed to achieve better privacy for users and to be provably secure in the standard model. However, after carefully revisiting the scheme, we conclude that their scheme cannot resist the collusion attacks, hence fails to meet the basic security definitions of the ABE system. © 1990-2012 IEEE