ADR-lrABE : New Mechanism of Direct-revocable Attribute-Based Encryption with Continual-leakage Tolerances

In order to provide a flexible access control in a secure manner in open networks, Attribute-Based Encryption (ABE) implements a fine-grained decentralized access control that is based on properties or attributes a user/node owns, which has paid more attention to the applications in large-scale and dynamic networks such as Mesh network, Wireless Body Area Networks (WBAN), and Internet of Things etc. However, as the openness and exposure in such networks, an attacker (e.g., virus, eavesdropper or sniffer) can blow the concrete implementation of cryptosystems, for example side channel attacks, and then obtains some sensitive and secret states in the system by monitoring pseudo-random numbers, internal results and secret keys and thus breaks the provable security of the systems. In this paper, in order to tolerate the possible key leakage, we model a fine-grained attribute revocable attribute-based encryption, namely ADR-lrABE, and then give the concrete construction, security analysis and resilient-leakage performance. The scheme tolerates the key of matching the challenge ciphertext to be partially revealed (i.e., key leakage resilience), and it provides a update mechanism to tolerate continual leakage that allows the attacker gains the leakage beyond the bound in the lifetime of the system (i.e., continual leakage tolerance). Also, it supports the properties of attribute direct revocation that the revocation procedure does not affect any other user’s secret key. That is, the proposed scheme is proven to be semantically secure even the decryption key is partially leaked to the attacker. We analyze the leakage-resilient performance of our scheme, and indicate that the scheme achieves approximate (82 + o(1)) fraction of the bits of a decryption key being leaked. We also provide a mechanism to transform the scheme into a prime-order group. To the best of our knowledge, our schemes are the first ABE that support attribute direct revocation mechanism in the presence of key leakage in noise channel or memory leakage environments.

---

Opracowanie rekordu w ramach umowy 509/P-DUN/2018 ze środków MNiSW przeznaczonych na działalność upowszechniającą naukę (2018).