Understanding Ciphertext Policy Attribute Based Encryption (CPABE)
Ciphertext Policy Attribute Based Encryption (CPABE) is a method that links access policies with ciphertext, allowing decryption based on user attributes rather than specific keys. This enhances security and flexibility in data access control. The encryption system also addresses challenges in remote file storage, such as scalability, reliability, and access control.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Ciphertext-Policy Attribute-Based Encryption (CPABE) Presented By Saoreen Rahman
Outline Attribute-Based Encryption Ciphertext-policy attribute-based encryption (CP-ABE) CPABE Construction Security Model for CP-ABE An application of CPABE 2
Attribute-Based Encryption Public-key encryption Secret key The ciphertext Decryption of a ciphertext is possible set of attributes of the user key Depends on attributes Satisfy the attributes of the ciphertext 3
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) CP-ABE links the access policy with the ciphertext, and attributes with the keys. Attributes are used to describe user s credentials Users' secret keys set of attributes Access policy (P) is declared by the user who encrypts data. Access policy (P) Encryption Secret key Decryption User s attribute = P 4
CP-ABE Properties It has the capacity to address complex access control policies. The exact list of users need not be known apriori. Knowledge of the access policy is sufficient. CP-ABE is collusion resistance. 5
Remote File Storage: Interesting Challenges Scalability Reliability Security? 6
Remote File Storage: Server Centric Access Control Access Control List: Alice, Bob and anyone in IT Department Eve IT Department, Assistant Manager Advantage: Flexible Access Policies Disadvantage: Must trust security of server Unwanted entity may gain the access 7
Remote File Storage: Encrypting Files More Secure, less flexible Needs Efficient Key distribution Multiple file encryption with same key 8
Remote File Storage: Solution We want Encrypted files for untrusted storage Offline key distribution No Server Centric Access Control Fine grained access policies Solution: CPABE User s private key is associated with attributes Files can be encrypted under access policy (P) over those attributes Decryption is possible only user s attributes pass through the ciphertext s access policy (P). 9
CP-ABE Example ((General Army) (2-out-of { Op-X, Op-Y, Op-Z, Op-Star })) Internal Nodes: AND gates OR gates K-of-n threshold gates Leaf Nodes: attributes 10
Background: Bilinear Maps a g ( , )ab e g g b g G G 1 0 = = a b ab b a ( , ) ( , ) e g g ( , ) e g g e g g , a b Z , ( , ) G e g g g G And p 0 1 11
CPABE Construction Public Key , Z p = = = 1/ 0,, , , ( , ) e g g PK G g h g f g Master Key g = ( , ) MK Secret Key , , r r Z j S j p r r + = = = = ( )/ r r ( , , ( ) , H j ' ) SK D g j S D g D g j j j j 13
CPABE Construction Encryption Use general secret sharing techniques to model policy CT = Decryption Uses LaGrange interpolation in the exponents M = 14
Collusion Resistance A critical property for cryptographic access control systems. An adversary that holds multiple keys should only be able to access data if at least one individual key grants access. 15
Collusion Resistance 1, 2,......n j j j S Desired attributes: Random Value: , ..... r r r r Z , , x x x p 1 2 n + = ( )/ r Secret Key, ( , SK g Binds key components to each other Key to preventing collusion attacks r r r ( ) , H j , g g x x 1 1 1 . . r r r ( ) , n H j ) g g x x n n 16
The cp-abe Toolkit cpabe-setup Generates a public key and a master key. cpabe-keygen Given a master key, generates a private key for a set of attributes cpabe-enc Given a public key, encrypts a file under an access tree specified in a policy language. cpabe-dec Given a private key, decrypts a file. 18
The cp-abe Toolkit cpabe-setup cpabe-keygen 19
The cp-abe Toolkit cpabe-enc cpabe-dec 20
Reference [1] Sahai A., Waters B. Fuzzy Identity-Based Encryption. In: Cramer R. (eds) Advances in Cryptology EUROCRYPT 2005. vol 3494. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11426639_27. [2] Goyal, V., Pandey, O., Sahai, A., & Waters, B. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security. 2006, October. pp. 89- 98. [3] Bethencourt, J.; Sahai, A.; Waters, B. Ciphertext-Policy Attribute-Based Encryption. 2007 IEEE Symposium on Security and Privacy (SP '07). pp. 321- 334. doi:10.1109/SP.2007.11. ISBN 978-0-7695-2848-9. [4] J. Bethencourt, A. Sahai, and B. Waters. The cpabe toolkit. http://acsc.csl.sri.com/cpabe/ 22
Thank You 23
Appendix Access Tree, (Access Structure) Each non-leaf node of the tree represents a threshold gate is the number of children of a node is the threshold value where is an OR gate is an AND gate x x k num = x A x num xk xk = x 0 k num x x 1 Access Tree, (Policy Check) If a set of attributes, S satisfies the access tree returns iff ( ) 1 x A x A S = ( ) att x S 24
Appendix Shamir's secret sharing scheme Start with root node (R) sec , ret s Z p = , 1 degree d k x x = = (0) q a s 0 R Calculate for each node. polynomial, ( ) q x ( ) q x = + + + + 2 3 1 k ..... a a x a x a x a x 0 1 2 3 1 k 25
Appendix LaGrange interpolation , i j Z p x i j j = ( ) x , i S j S j i , 26