Papers /

Bethencourt-SSP 2007






Warhammer 40k




Bethencourt-SSP 2007

Ciphertext-Policy Attribute-Based Encryption

Bethencourt, Sahai, Waters

content-centric networking security cryptography encryption

  title={Ciphertext-Policy Attribute-Based Encryption},
  author={Bethencourt, J. and Sahai, A. and Waters, B.},
  booktitle={{IEEE} Symposium on Security and Privacy},

[ Download PDF ]


In several distributed systems a user should only be able to access data if a user posses a certain set of cre- dentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call Ciphertext-Policy Attribute-Based Encryption. By using our techniques encrypted data can be kept confidential even if the stor- age server is untrusted; moreover, our methods are secure against collusion attacks. Previous Attribute- Based Encryption systems used attributes to describe the encrypted data and built policies into userís keys; while in our system attributes are used to describe a userís credentials, and a party encrypting data deter- mines a policy for who can decrypt. Thus, our meth- ods are conceptually closer to traditional access control methods such as Role-Based Access Control (RBAC). In addition, we provide an implementation of our sys- tem and give performance measurements.
Recent Changes (All) | Edit SideBar Page last modified on August 27, 2012, at 09:26 AM Edit Page | Page History
Powered by PmWiki