Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption
Amit Sahai (UCLA)
Hakan Seyalioglu (UCLA)
Brent Waters (
Abstract:
Motivated by the question of access control in cloud storage, we consider the problem of using Attribute-Based Encryption (ABE) in a setting where users' credentials may change and ciphertexts may be stored by a third party. Our main result is obtained by pairing two contributions:
- We first ask how a third party who is not trusted with secret key information can process a ciphertext to disqualify revoked users from decrypting data encrypted in the past. Our core tool is a new procedure called ciphertext delegation that allows a ciphertext to be "re-encrypted" to a more restrictive policy using only public information.
- Second, we study the problem of revocable attribute-based encryption. We provide the first fully secure construction by modifying an attribute-based encryption scheme due to Lewko et al. and prove security in the standard model.
We then combine these two results into a new approach to revocation on stored data. Our scheme allows a storage server to update stored ciphertexts so that revoked users can no longer access data that was encrypted before their access was revoked, while key-update broadcasts dynamically revoke selected users.