In Ciphertext Policy Attribute Based Encryption (CP-ABE), a secret key of the user as well as the ciphertext (CT) is defined based on the attributes. A user is able to decrypt the ciphertext if and only if the attributes within a policy of ciphertext are satisfied by the attributes of the secret key. If we increase the number of attributes in the policy of ciphertext than the size of final ciphertext will also increase and subsequently leads to communication overhead as well as computational overhead at the receiver side. Hence, it is desirable to ensure constant ciphertext length in CP-ABE. However, the existing schemes in constant CT length proposed so far achieve only a selective security model i.e. the attacker must announce the target access policy before seeing the public parameter. This leads to a weaker security model. Therefore, we propose the fully secure CP-ABE, which requires the attribute set of ciphertext to be a subset of user’s secret key.
One more limitation of the schemes in constant CT length proposed so far is that they are based on a single authority approach. To deal with a single point of failure in a such a scheme, we propose a multi-authority CP-ABE scheme, with the support for any arbitrary numbers of attribute authorities under a central authority.
Additionally in the CP-ABE scheme, the receiver’s anonymity is sacrificed as the access structure of the ciphertext reveals the same. The obvious solution to this problem is to hide ciphertext-policy (hidden access structure). However, although this solution uses reasonably computable decryption policies, it generates the ciphertext of a size that is at least, linearly varying with the number of attributes.
We investigate such issues and propose a novel approach to deal with constant ciphertext length. Thereafter we extend the same approach to provide support for the multi authorities and for providing the receiver anonymity with a hidden access structure.
Additionally, we also propose an approach for the support of homomorphic encryption in a CP-ABE scheme with constant CT length. In addition, we propose a scheme that allows dynamic attribute updates in the receiver’s secret key without affecting other attributes.
Lastly, we also illustrate the application of the CP-ABE schemes in two novel areas viz. in Verifiable Secret Sharing (VSS) - to mitigate the malicious behavior of a shareholder or a dealer and in Onion routing for improving the efficiency, to lend stronger security and to ensure failure tolerance. To the best of our knowledge these are the novel applications of the CP-ABE schemes.