Time-based key management in attribute-based encryption using piecewise key generation

Int. J. Inf. Comput. Secur. Pub Date : 2021-08-27 DOI:10.1504/ijics.2021.10040715

Geng Wang

{"title":"Time-based key management in attribute-based encryption using piecewise key generation","authors":"Geng Wang","doi":"10.1504/ijics.2021.10040715","DOIUrl":null,"url":null,"abstract":"Key management is essential in using attribute-based encryption (ABE) for dynamic access control in the practical world. Although user or key delegation has been widely discussed for ABE, it cannot solve all the key management problems. In this paper, we give a time-based key management scheme for ABE, providing the ABE scheme has piecewise key generation and ciphertext delegation, based on the revocation scheme in Sahai et al. (2012). In detail, we introduce a public time-related key generated by KDS, which stores the beginning time of the currently valid secret key for each user. For any ciphertext, user must download a time-related key which is generated later than the ciphertext, and use the time-related key along with the user private key to decrypt the ciphertext successfully. The user private key must be generated at the time stored in the time-related key, so any user cannot use outdated or revoked private keys to decrypt new ciphertexts, and ciphertext delegation is used to renew any ciphertext up to the current time. We also prove the security of the ABE schemes with time-based key management based on the security of piecewise key generation, for both KP-ABE and CP-ABE schemes.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"62 8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Inf. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijics.2021.10040715","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Key management is essential in using attribute-based encryption (ABE) for dynamic access control in the practical world. Although user or key delegation has been widely discussed for ABE, it cannot solve all the key management problems. In this paper, we give a time-based key management scheme for ABE, providing the ABE scheme has piecewise key generation and ciphertext delegation, based on the revocation scheme in Sahai et al. (2012). In detail, we introduce a public time-related key generated by KDS, which stores the beginning time of the currently valid secret key for each user. For any ciphertext, user must download a time-related key which is generated later than the ciphertext, and use the time-related key along with the user private key to decrypt the ciphertext successfully. The user private key must be generated at the time stored in the time-related key, so any user cannot use outdated or revoked private keys to decrypt new ciphertexts, and ciphertext delegation is used to renew any ciphertext up to the current time. We also prove the security of the ABE schemes with time-based key management based on the security of piecewise key generation, for both KP-ABE and CP-ABE schemes.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

使用分段密钥生成的基于属性的加密中的基于时间的密钥管理

密钥管理是在实际世界中使用基于属性的加密(ABE)进行动态访问控制的关键。尽管用户或密钥授权已被广泛讨论，但它并不能解决所有的密钥管理问题。在本文中，我们基于Sahai等人(2012)的撤销方案，给出了一个基于时间的ABE密钥管理方案，假设ABE方案具有分段密钥生成和密文授权。详细地说，我们将介绍一个由KDS生成的与时间相关的公共密钥，它存储每个用户当前有效密钥的开始时间。对于任何密文，用户都必须下载生成于该密文之后的时间相关密钥，并使用该时间相关密钥与用户私钥一起成功解密该密文。用户私钥必须在与时间相关的密钥中存储的时间生成，因此任何用户都不能使用过时或已撤销的私钥解密新的密文，并且使用密文委托将任何密文更新到当前时间。在分段密钥生成安全性的基础上，对KP-ABE和CP-ABE两种方案证明了基于时间密钥管理的ABE方案的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Int. J. Inf. Comput. Secur.

自引率

0.00%

发文量