Decentralized Multi-authority ABE for DNFs from LWE

Pratish Datta; Ilan Komargodski; Brent Waters

doi:10.1007/978-3-030-77870-5_7

Decentralized Multi-authority ABE for DNFs from LWE

Pratish Datta^*, Ilan Komargodski, Brent Waters

^*Corresponding author for this work

The Rachel and Selim Benin School of Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

38 Scopus citations

Abstract

We construct the first decentralized multi-authority attribute-based encryption (MA- ABE ) scheme for a non-trivial class of access policies whose security is based (in the random oracle model) solely on the Learning With Errors (LWE) assumption. The supported access policies are ones described by DNF formulas. All previous constructions of MA- ABE schemes supporting any non-trivial class of access policies were proven secure (in the random oracle model) assuming various assumptions on bilinear maps. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as a standard ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any DNF formulas over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority. In terms of efficiency, when instantiating the scheme with a global bound s on the size of access policies, the sizes of public keys, secret keys, and ciphertexts, all grow with s. Technically, we develop new tools for building ciphertext-policy ABE (CP- ABE ) schemes using LWE. Along the way, we construct the first provably secure CP- ABE scheme supporting access policies in NC¹ under the LWE assumption that avoids the generic universal-circuit-based key-policy to ciphertext-policy transformation. In particular, our construction relies on linear secret sharing schemes with new properties and in some sense is more similar to CP- ABE schemes that rely on bilinear maps. While our CP- ABE construction is not more efficient than existing ones, it is conceptually intriguing and further we show how to extend it to get the MA- ABE scheme described above.

Original language	English
Title of host publication	Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Editors	Anne Canteaut, François-Xavier Standaert
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	177-209
Number of pages	33
ISBN (Print)	9783030778699
DOIs	https://doi.org/10.1007/978-3-030-77870-5_7
State	Published - 2021
Event	40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021 - Zagreb, Croatia Duration: 17 Oct 2021 → 21 Oct 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12696 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021
Country/Territory	Croatia
City	Zagreb
Period	17/10/21 → 21/10/21

Bibliographical note

Publisher Copyright:
© 2021, International Association for Cryptologic Research.

Access to Document

10.1007/978-3-030-77870-5_7

Cite this

Datta, P., Komargodski, I., & Waters, B. (2021). Decentralized Multi-authority ABE for DNFs from LWE. In A. Canteaut, & F.-X. Standaert (Eds.), Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings (pp. 177-209). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12696 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-77870-5_7

Datta, Pratish ; Komargodski, Ilan ; Waters, Brent. / Decentralized Multi-authority ABE for DNFs from LWE. Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. editor / Anne Canteaut ; François-Xavier Standaert. Springer Science and Business Media Deutschland GmbH, 2021. pp. 177-209 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{d06c1a4c3be5414b9880e501d8b15422,

title = "Decentralized Multi-authority ABE for DNFs from LWE",

abstract = "We construct the first decentralized multi-authority attribute-based encryption (MA- ABE ) scheme for a non-trivial class of access policies whose security is based (in the random oracle model) solely on the Learning With Errors (LWE) assumption. The supported access policies are ones described by DNF formulas. All previous constructions of MA- ABE schemes supporting any non-trivial class of access policies were proven secure (in the random oracle model) assuming various assumptions on bilinear maps. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as a standard ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any DNF formulas over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority. In terms of efficiency, when instantiating the scheme with a global bound s on the size of access policies, the sizes of public keys, secret keys, and ciphertexts, all grow with s. Technically, we develop new tools for building ciphertext-policy ABE (CP- ABE ) schemes using LWE. Along the way, we construct the first provably secure CP- ABE scheme supporting access policies in NC1 under the LWE assumption that avoids the generic universal-circuit-based key-policy to ciphertext-policy transformation. In particular, our construction relies on linear secret sharing schemes with new properties and in some sense is more similar to CP- ABE schemes that rely on bilinear maps. While our CP- ABE construction is not more efficient than existing ones, it is conceptually intriguing and further we show how to extend it to get the MA- ABE scheme described above.",

author = "Pratish Datta and Ilan Komargodski and Brent Waters",

note = "Publisher Copyright: {\textcopyright} 2021, International Association for Cryptologic Research.; 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021 ; Conference date: 17-10-2021 Through 21-10-2021",

year = "2021",

doi = "10.1007/978-3-030-77870-5_7",

language = "אנגלית",

isbn = "9783030778699",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "177--209",

editor = "Anne Canteaut and Fran{\c c}ois-Xavier Standaert",

booktitle = "Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",

address = "גרמניה",

}

Datta, P, Komargodski, I & Waters, B 2021, Decentralized Multi-authority ABE for DNFs from LWE. in A Canteaut & F-X Standaert (eds), Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12696 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 177-209, 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021, Zagreb, Croatia, 17/10/21. https://doi.org/10.1007/978-3-030-77870-5_7

Decentralized Multi-authority ABE for DNFs from LWE. / Datta, Pratish; Komargodski, Ilan; Waters, Brent.
Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. ed. / Anne Canteaut; François-Xavier Standaert. Springer Science and Business Media Deutschland GmbH, 2021. p. 177-209 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12696 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Decentralized Multi-authority ABE for DNFs from LWE

AU - Datta, Pratish

AU - Komargodski, Ilan

AU - Waters, Brent

PY - 2021

Y1 - 2021

N2 - We construct the first decentralized multi-authority attribute-based encryption (MA- ABE ) scheme for a non-trivial class of access policies whose security is based (in the random oracle model) solely on the Learning With Errors (LWE) assumption. The supported access policies are ones described by DNF formulas. All previous constructions of MA- ABE schemes supporting any non-trivial class of access policies were proven secure (in the random oracle model) assuming various assumptions on bilinear maps. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as a standard ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any DNF formulas over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority. In terms of efficiency, when instantiating the scheme with a global bound s on the size of access policies, the sizes of public keys, secret keys, and ciphertexts, all grow with s. Technically, we develop new tools for building ciphertext-policy ABE (CP- ABE ) schemes using LWE. Along the way, we construct the first provably secure CP- ABE scheme supporting access policies in NC1 under the LWE assumption that avoids the generic universal-circuit-based key-policy to ciphertext-policy transformation. In particular, our construction relies on linear secret sharing schemes with new properties and in some sense is more similar to CP- ABE schemes that rely on bilinear maps. While our CP- ABE construction is not more efficient than existing ones, it is conceptually intriguing and further we show how to extend it to get the MA- ABE scheme described above.

AB - We construct the first decentralized multi-authority attribute-based encryption (MA- ABE ) scheme for a non-trivial class of access policies whose security is based (in the random oracle model) solely on the Learning With Errors (LWE) assumption. The supported access policies are ones described by DNF formulas. All previous constructions of MA- ABE schemes supporting any non-trivial class of access policies were proven secure (in the random oracle model) assuming various assumptions on bilinear maps. In our system, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters. A party can simply act as a standard ABE authority by creating a public key and issuing private keys to different users that reflect their attributes. A user can encrypt data in terms of any DNF formulas over attributes issued from any chosen set of authorities. Finally, our system does not require any central authority. In terms of efficiency, when instantiating the scheme with a global bound s on the size of access policies, the sizes of public keys, secret keys, and ciphertexts, all grow with s. Technically, we develop new tools for building ciphertext-policy ABE (CP- ABE ) schemes using LWE. Along the way, we construct the first provably secure CP- ABE scheme supporting access policies in NC1 under the LWE assumption that avoids the generic universal-circuit-based key-policy to ciphertext-policy transformation. In particular, our construction relies on linear secret sharing schemes with new properties and in some sense is more similar to CP- ABE schemes that rely on bilinear maps. While our CP- ABE construction is not more efficient than existing ones, it is conceptually intriguing and further we show how to extend it to get the MA- ABE scheme described above.

UR - http://www.scopus.com/inward/record.url?scp=85111367489&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-77870-5_7

DO - 10.1007/978-3-030-77870-5_7

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85111367489

SN - 9783030778699

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 177

EP - 209

BT - Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings

A2 - Canteaut, Anne

A2 - Standaert, François-Xavier

PB - Springer Science and Business Media Deutschland GmbH

T2 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2021

Y2 - 17 October 2021 through 21 October 2021

ER -

Datta P, Komargodski I, Waters B. Decentralized Multi-authority ABE for DNFs from LWE. In Canteaut A, Standaert FX, editors, Advances in Cryptology – EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 177-209. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-77870-5_7

Decentralized Multi-authority ABE for DNFs from LWE

Abstract

Publication series

Conference

Bibliographical note

Access to Document

Other files and links

Fingerprint

Cite this