TY - GEN
T1 - Defending against key abuse attacks in KP-ABE enabled broadcast systems
AU - Yu, Shucheng
AU - Ren, Kui
AU - Lou, Wenjing
AU - Li, Jin
PY - 2009
Y1 - 2009
N2 - Key-Policy Attribute-Based Encryption (KP-ABE) is a promising cryptographic primitive which enables fine-grained access control over sensitive data. However, key abuse attacks in KP-ABE may impede its wide application especially in copyright-sensitive systems. To defend against this kind of attacks, this paper proposes a novel KP-ABE scheme which is able to disclose any illegal key distributor's ID when key abuse is detected. In our scheme, each bit of user ID is defined as an attribute and the user secret key is associated with his unique ID. The tracing algorithm fulfills its task by tricking the pirate device into decrypting the ciphertext associated with the corresponding bits of his ID. Our proposed scheme has the salient property of black box tracing, i.e., it traces back to the illegal key distributor's ID only by observing the pirate device's outputs on certain inputs. In addition, it does not require the pirate device's secret keys to be well-formed as compared to some previous work. Our proposed scheme is provably secure under the De-cisional Bilinear Diffie-Hellman (DBDH) assumption and the Decisional Linear (DL) assumption.
AB - Key-Policy Attribute-Based Encryption (KP-ABE) is a promising cryptographic primitive which enables fine-grained access control over sensitive data. However, key abuse attacks in KP-ABE may impede its wide application especially in copyright-sensitive systems. To defend against this kind of attacks, this paper proposes a novel KP-ABE scheme which is able to disclose any illegal key distributor's ID when key abuse is detected. In our scheme, each bit of user ID is defined as an attribute and the user secret key is associated with his unique ID. The tracing algorithm fulfills its task by tricking the pirate device into decrypting the ciphertext associated with the corresponding bits of his ID. Our proposed scheme has the salient property of black box tracing, i.e., it traces back to the illegal key distributor's ID only by observing the pirate device's outputs on certain inputs. In addition, it does not require the pirate device's secret keys to be well-formed as compared to some previous work. Our proposed scheme is provably secure under the De-cisional Bilinear Diffie-Hellman (DBDH) assumption and the Decisional Linear (DL) assumption.
UR - http://www.scopus.com/inward/record.url?scp=84885886363&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84885886363&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-05284-2_18
DO - 10.1007/978-3-642-05284-2_18
M3 - Conference contribution
AN - SCOPUS:84885886363
SN - 3642052835
SN - 9783642052835
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
SP - 311
EP - 329
BT - Security and Privacy in Communication Networks - 5th International ICST Conference, SecureComm 2009, Revised Selected Papers
T2 - 5th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2009
Y2 - 14 September 2009 through 18 September 2009
ER -