Archive

Archive for the ‘Encryption’ Category

Attribute Based Encryption

February 21, 2016 Comments off

Public Key Infrastructure:

abeindetails-121031110527-phpapp02.jpg

Disadvantage:

  1. To communicate with Alice, Bob, at first, has to communicate with the PKI.

 

Identity Based Encryption (IDE):

In IDE, one’s publicly known identity (ex. email address) is being used as his/her public key where as corresponding private key is generated from the known identity.

IDE encryption scheme is a four algorithms/steps scheme where the algorithms are i. Setup Algorithm ii. Key (private key) Generation Algorithm iii. Encryption Algorithm iv. Decryption Algorithm.

Setup and Key Generation:

1

Encryption & Decryption:

2

Advantage:

  1. Bob does not need to contact KDC / CA for Alice’s Public Key. He knows Alice’s Identity which he uses to encrypt message for Alice.

 

Fuzzy Identity Based Encryption (Fuzzy-IDE):

Fuzzy Identity of a person is a set of descriptive attributes which a predefined error tolerance capability. In Fuzzy-IDE, these attributes are used as one’s known public key.

Setup & Key Generation

3

 

Advantage:

With her private key, Alice can decrypt messages encrypted with her own identity (w). She can also decrypt messages encrypted with other’s identity (w’) if |w ∩ w’| >= d.

Encryption & Decryption in Fuzzy IDE System

4

 

Example:

Person

Fuzzy Identity

d

Comment

Alice

w={“exam-committee”, “chair”, “system”}

2

Alice can decrypt everything that Bob & Charile can Decrypt. Because |w w’|>=2 and |w w’’|>=2

Bob

w’={“exam-committee”, “faculty”, “system”, “usa”}

3

Bob can only decrypt message encrypted with Charlie’s identity as |w’ w’’|>=3

Charlie

w’’={“exam-committee”, “student”, “system”, “usa”}

4

Charlie cannot decrypt any message that are encrypted with others identity.

 

 

Attribute-based Encryption (or Key-policy ABE):

Access Tree / Key-policy(Ƭ):

Access Policy to be associated with private key where leaf nodes are attributes coming from fuzzy identity.

 

8

 

Account Setup & Key-generation:

6

 

Encryption & Decryption:

7.jpg

 

Example:

Assuming, Alice has the following key policy

8

Alice can decrypt a file encrypted with the attribute set {“Computer Science”, “Admission committee”}. But she cannot decrypt another ciphertext associated with attributes {“Computer Science”, “program-committee”}.

For more details, see my slideshare note[1].

Referece:

  1. http://www.slideshare.net/prosunjit/attribute-based-encryption

Advertisements
Categories: Encryption, Uncategorized