International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Multi-Client Attribute-Based and Predicate Encryption from Standard Assumptions

Authors:
David Pointcheval , École normale supérieure Paris
Robert Schädlich , École normale supérieure Paris
Download:
Search ePrint
Search Google
Presentation: Slides
Conference: TCC 2024
Abstract: Multi-input Attribute-Based Encryption (ABE) is a generalization of key-policy ABE where attributes can be independently encrypted across several ciphertexts, and a joint decryption of these ciphertexts is possible if and only if the combination of attributes satisfies the policy of the decryption key. We extend this model by introducing a new primitive that we call Multi-Client ABE (MC-ABE), which provides the usual enhancements of multi-client functional encryption over multi-input functional encryption. Specifically, we separate the secret keys that are used by the different encryptors and consider the case that some of them may be corrupted by the adversary. Furthermore, we tie each ciphertext to a label and enable a joint decryption of ciphertexts only if all ciphertexts share the same label. We provide constructions of MC-ABE for various policy classes based on SXDH. Notably, we can deal with policies that are not a conjunction of local policies, which has been a limitation of previous constructions from standard assumptions. Subsequently, we introduce the notion of Multi-Client Predicate Encryption (MC-PE) which, in contrast to MC-ABE, does not only guarantee message-hiding but also attribute-hiding. We present a new compiler that turns any constant-arity MC-ABE into an MC-PE for the same arity and policy class. Security is proven under the LWE assumption.
BibTeX
@inproceedings{tcc-2024-34622,
  title={Multi-Client Attribute-Based and Predicate Encryption from Standard Assumptions},
  publisher={Springer-Verlag},
  author={David Pointcheval and Robert Schädlich},
  year=2024
}