Decentralized attribute-based encryption(ABE) is an efficient and flexible multi-authority attribute-based encryption system, since it does not requires the central authority and does not need to cooperate among the authorities for creating public parameters. Unfortunately, recent works show that the reality of the privacy-preserving and security in almost well-known decentralized key policy ABE(KP-ABE) schemes are doubtful. How to construct a decentralized KP-ABE with the privacy- preserving and user collusion avoidance is still a challenge problem. Most recently, Y.Rahulamathavam et al. proposed a decentralized key-policy(KP) ABE scheme to try avoiding user collusion and preserving the user�s privacy. However, we exploit the vulnerability of their scheme in this paper at first and present a collusion attack on their decentralized KP-ABE scheme. The attack shows the user collusion can not be avoided. Subsequently, a new privacy-preserving decentralized KP-ABE is proposed. The proposed scheme avoids the linear attacks at present and achieves the user collusion avoidance. We also show that the security of the proposed scheme is reduced to decisional bilinear Diffie-Hellman(DBDH) assumption. Finally, numerical experiments demonstrate the efficiency and validity of the proposed scheme.
In a Key-Policy ABE (KP-ABE) scheme, the secret key is associated with an access structure(policy), while the cipher- text is labeled with a set of attributes . In a DKP-ABE system, multiple authorities can work inde- pendently without any cooperation with each other, any party can issue private keys to users. The ciphertext is generated under some attributes which authorized users need satisfied. A user obtains private keys from different authorities and is able to decrypt the ciphertexts if his attributes match the attributes specified in the ciphertext.
the collusion attack has been carried out success- fully, that is to say, suppose the ciphertext is associated with attributes a i,j , a group of unauthorized users (none of their attributes satisfies all a i,j ) are able to access the encrypted data successfully, as long as they could obtain the completely secret keys of ? A k m individually, and ultimately make all of their attributes meet the attributes required in the ciphertext. Thus, the DKP-ABE scheme of Y. Rahulamathavam et al fails to meet the security requirement of collusion resistance.
I N order to share data according to a policy without prior knowledge of who will be receiving them, Sahai and Waters extended identity-based encryption and introduced the attribute-based encryption mechanism. According to a policy over a set of attributes associated with the generation of private keys or ciphertext, attribute- based encryption is categorized into key-policy attribute-based encryption (KP-ABE) and ciphertext-policy attribute-based encryption(CP-ABE).
Most of all ABE proposals are devel- oped using single central authority which generates private keys of the users and verifies all the attributes or credentials it issued for each user. In a single authority attribute based encryption scheme , a central authority(CA) can control all the data and sensitive information of the users. In addition, the central authority needs to communicate with each user, it is a difficult task to manage numerous users� attributes
However, we exploit the vulnerability of their scheme in this paper at first and present a collusion attack on their decentralized KP-ABE scheme. The attack shows the user collusion can not be avoided. Subsequently, a new privacy-preserving decentralized KP-ABE is proposed. The proposed scheme avoids the linear attacks at present and achieves the user collusion avoidance. We also show that the security of the proposed scheme is reduced to decisional bilinear Diffie-Hellman(DBDH) assumption.The single authority could become a common bottleneck. Chase solve it and presented the multi-authority(MA) scheme in , where there are multiple authorities responsible for dis- joint set of attributes. However, her scheme also needs a trusted central attribute authority for distributing all the keys. If the CA is malicious, it can compromise the ABE system. Then Chase and Chow further developed MA-ABE using a distributed PRF and showed the CA was removed in.
To satisfy the simultaneous goals of autonomous key generation and collusion resistance, Lewko and Waters proposed a new multi-authority ABE named decentralized ABE. Their scheme overcomes the collusion vulnerability without any coordination between attributes authorities(AAs) but does not preserve the users� privacy. Then Han et al. proposed a privacy preserving decentralized KP-ABE scheme(DKP-ABE) in. However, Ge et al. pointed out that it did not resist user collusion attack. Subsequently, a modified privacy- preserving decentralized KP-ABE scheme was proposed by Rahulamathavan et al.. In, the authors declared their scheme mitigated the user collusion attack employing anonymous key issuing protocol and achieved user's GID hidden
In this paper, we discuss how to built the securely decentral- ized KP-ABE. Based on a security analysis of the scheme of Y. Rahulamathavam et al, we propose an improvement scheme and show that the scheme can resist collusion attacks existing in the recent works.
The security of the proposed scheme is reduced to the standard complexity assumption�Decisional Bilinear Diffie-Hellman assumption.