Blacklisting access control via negated subset predicate encryption: Constant-size ciphertexts/keys constructions with adaptive security or attribute hiding

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2025-03-01 Epub Date: 2025-01-06 DOI:10.1016/j.jisa.2024.103959

Yi-Fan Tseng

{"title":"Blacklisting access control via negated subset predicate encryption: Constant-size ciphertexts/keys constructions with adaptive security or attribute hiding","authors":"Yi-Fan Tseng","doi":"10.1016/j.jisa.2024.103959","DOIUrl":null,"url":null,"abstract":"<div><div>In order to realize the functionality for blacklisting, we introduce a novel primitive, negated subset-predicate encryption (NSPE), where a ciphertext associated with a set <span><math><msub><mrow><mi>S</mi></mrow><mrow><mi>C</mi></mrow></msub></math></span> can be only decrypted by a private key related to a set <span><math><msub><mrow><mi>S</mi></mrow><mrow><mi>K</mi></mrow></msub></math></span> iff <span><math><mrow><msub><mrow><mi>S</mi></mrow><mrow><mi>K</mi></mrow></msub><mo>⁄</mo><mo>⊆</mo><msub><mrow><mi>S</mi></mrow><mrow><mi>C</mi></mrow></msub></mrow></math></span>. Compared to adopting complex tools to realize such a functionality, e.g., key-policy attribute-based encryption (KPABE) for non-monotonic access structure, NSPE provides a more concise and efficient way. In this manuscript, we first conceptualize the definition and security requirements for NSPE, and give several constructions, including fully secure constructions with different features, generic construction with weak attribute-hiding, and selectively secure construction with shorter ciphertexts/keys. All of the proposed schemes are proven secure under well-studied assumptions. Compared with the architecture using complex primitives such as KPABE to achieve the same functionality, our schemes provide a more concise and efficient method, especially in terms of the private key size.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103959"},"PeriodicalIF":3.7000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624002618","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/6 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In order to realize the functionality for blacklisting, we introduce a novel primitive, negated subset-predicate encryption (NSPE), where a ciphertext associated with a set

S_{C}

can be only decrypted by a private key related to a set

S_{K}

iff

S_{K} ⁄ \subseteq S_{C}

. Compared to adopting complex tools to realize such a functionality, e.g., key-policy attribute-based encryption (KPABE) for non-monotonic access structure, NSPE provides a more concise and efficient way. In this manuscript, we first conceptualize the definition and security requirements for NSPE, and give several constructions, including fully secure constructions with different features, generic construction with weak attribute-hiding, and selectively secure construction with shorter ciphertexts/keys. All of the proposed schemes are proven secure under well-studied assumptions. Compared with the architecture using complex primitives such as KPABE to achieve the same functionality, our schemes provide a more concise and efficient method, especially in terms of the private key size.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

通过否定子集谓词加密的黑名单访问控制：具有自适应安全性或属性隐藏的恒定大小的密文/密钥结构

为了实现黑名单功能，我们引入了一种新颖的基元反子集谓词加密（NSPE），其中与集SC相关的密文只能通过与集SK相关的私钥（iff SK /任任）解密。相对于采用复杂的工具（如针对非单调访问结构的key-policy attribute-based encryption， KPABE）来实现这一功能，NSPE提供了一种更简洁高效的方式。在本文中，我们首先对NSPE的定义和安全要求进行了概念化，并给出了几种结构，包括具有不同特征的完全安全结构、具有弱属性隐藏的通用结构和具有较短密文/密钥的选择性安全结构。在经过充分研究的假设下，所有提出的方案都被证明是安全的。与使用KPABE等复杂原语实现相同功能的体系结构相比，我们的方案提供了一种更简洁、更有效的方法，特别是在私钥大小方面。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.