SlideShare a Scribd company logo

Attribute Based Encryption

Download as DOCX, PDF
UT, San Antonio
UT, San Antonio
Technology
1 of 6
Public Key Infrastructure: Encryption & Decryption: 1. Bob Request Alice's Public key Public Key Infrastructure from KDC 4. Alice uses her private key to Alice decrypt messages encrypted by Bob. Public Key 2.PKI signs the Public key & send Private Key Bob it to Bob 3. Bob uses her public key to encrypt message for Alice. Disadvantage: 1. To communicate with Alice, Bob, at first, has to communicate with the PKI.
Identity Based Encryption (IDE): In IDE, one’s publicly known identity (ex. email address) is being used as his/her public key where as corresponding private key is generated from the known identity. IDE encryption scheme is a four algorithms/steps scheme where the algorithms are i. Setup Algorithm ii. Key (private key) Generation Algorithm iii. Encryption Algorithm iv. Decryption Algorithm. Setup and Key Generation: Private Key Generator (PKG) 1. Set up Algorithm generate a master key for Alice Master Key 2. Alice show & Prove her 3. Given the identity, Key Generation Algorithm Identity to PKG generate Private key for Alice. Identity Private Key Ex: alice@example.org Encryption & Decryption: 1. Bob knows & uses Alice's Private Key Generator Identity to encrypt the message (PKG) Bob Alice Master Key 2. Alice uses her Private Key to decrypt the message Identity Private Key Ex.alice@example.org Advantage: 1. Bob does not need to contact KDC / CA for Alice’s Public Key. He knows Alice’s Identity which he uses to encrypt message for Alice.
Fuzzy Identity Based Encryption (Fuzzy-IDE): Fuzzy Identity of a person is a set of descriptive attributes which a predefined error tolerance capability. In Fuzzy-IDE, these attributes are used as one’s known public key. Setup & Key Generation Private Key Generator (PKG) 1. Given a Error Tolerance factor d, set up algorithm generates a Master key for Alice. Master Key 2. Alice's Identity w is being decided Fuzzy Identity (w) Private Key 3. Given Identity w, Key Generation Algorithm generates Alice's Private Attr1 ... AttrN key. Advantage: With her private key, Alice can decrypt messages encrypted with her own identity (w). She can also decrypt messages encrypted with other’s identity (w’) if |w ∩w’| >= d. Encryption & Decryption in Fuzzy IDE System 1. Charlie encrypt Message(M) 3. Alice can also decrypt M with her with Bob's Identity w' private Key with (|w∩w'| >= d) Charlie Bob Alice (Identity w'') (Identity w') (Identity w) 2. Bob can decrypt M with his private Key Example: Person Fuzzy Identity d Comment Alice w={“exam-committee”, “chair”, 2 Alice can decrypt everything that Bob & “system”} Charile can Decrypt. Because |w ∩w’|>=2 and |w ∩w’’|>=2 Bob w’={“exam-committee”, 3 Bob can only decrypt message encrypted “faculty”, “system”, “usa”} with Charlie’s identity as |w’ ∩w’’|>=3 Charlie w’’={“exam-committee”, 4 Charlie cannot decrypt any message that “student”, “system”, “usa”} are encrypted with others identity.
Attribute-based Encryption (or Key-policy ABE): Access Tree / Key-policy(Ƭ): Access Policy to be associated with private key where leaf nodes are attributes coming from fuzzy identity. OR AND Dean 2 out of 3 Computer Science Admission- Computer Science Admission- faculty committee committee Account Setup & Key-generation: Private Key Generator (PKG) 1. Setup Algorithm generates Alice's Master Key Master Key 4. Given the Key-policy, Key Generation Algorithm generates 2. Alice's Identity is being decided Private key for Alice. Fuzzy Identity (w) Private Key 3. Alice's Key Policy is being decided from her identity Attr1 ... AttrN Key Policy Encryption & Decryption: 3. Alice can decrypt M if her key policy is satisfied with γ. ie Ƭ(γ)=1 Bob Alice Charlie (Identity w) (Identity w') (Identity w'') 2. Bob can decrypt M if his 1. Charlie encrypt Message(M) key policy is satisfied with γ. with a set of attributes γ (not ie Ƭ(γ)=1 with anyone's identity )
Example: Assuming, Alice has the following key policy OR AND Dean 2 out of 3 Computer Science Admission- Computer Science Admission- faculty committee committee Alice can decrypt a file encrypted with the attribute set {“Computer Science”, “Admission committee”}. But she cannot decrypt another ciphertext associated with attributes {“Computer Science”, “program- committee”}. Variations of ABE: Ciphertext-Policy ABE vs. Key-policy ABE: While in original ABE (key-policy ABE) access policy is associated with the private key, in Ciphertext– policy ABE, access policy is associated in the ciphertext. Key-policy ABE Ciphertext-policy ABE pon B E s ts Ciphertext Private key ent com y A en Ciphertext Private key pon ed t-polic ed y ABE com Sel hertex Attribute sel -polic Policy Association Association Policy Attribute e ct e ct Association K ey Cip Association
ABE with monotonic Access Structure vs. ABE with non-monotonic Access Structure: Monotonic Access structure uses ‘AND gate’, ‘OR gate’, or ‘k out of N’ threshold gate. Non-Monotonic Access structure uses Monotonic Access structure and additional ‘NOT gate’. Example: OR Monotonic Access Dean 2 out of 3 AND structure Computer Science Admission- Computer Science Admission- faculty committee committee Example: OR Non- Monotonic AND Dean 2 out of 3 Access structure Computer Science Admission- Computer Science program- NOT committee committee Student Hierarchical ABE (HABE): In HABE, the attributes are classified into trees according to their relationship defined in the access control system. Every node in this tree is associated with an attribute, and an ancestral node can derive its descendant’s key, but the reverse is not allowed. Attribute1 Attribute1 can be used instead of any or all the attributes of this tree Attribute2 can be used instead of attribute4 or attribute 5 or both of them but not vice versa. Attribute2 Attribute3 Attribute4 Attribute5 Single Authority ABE vs. Multi-authority ABE:

Recommended

Attribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds Attribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds Swathi Rampur
 
Key management.ppt
Key management.pptKey management.ppt
Key management.pptSou Jana
 
Keyloggers
KeyloggersKeyloggers
Keyloggerskdore
 
Key management
Key managementKey management
Key managementSujata Regoti
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
The strategies of password
The strategies of passwordThe strategies of password
The strategies of passwordMohammedAlhamoodi
 
Kerberos
KerberosKerberos
KerberosSutanu Paul
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Securityyousef emami
 

Recommended

Attribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds Attribute Based Encryption with Privacy Preserving In Clouds
Attribute Based Encryption with Privacy Preserving In Clouds Swathi Rampur
 
Key management.ppt
Key management.pptKey management.ppt
Key management.pptSou Jana
 
Keyloggers
KeyloggersKeyloggers
Keyloggerskdore
 
Key management
Key managementKey management
Key managementSujata Regoti
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
The strategies of password
The strategies of passwordThe strategies of password
The strategies of passwordMohammedAlhamoodi
 
Kerberos
KerberosKerberos
KerberosSutanu Paul
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Securityyousef emami
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange ProtocolPrateek Singh Bapna
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMACKrishna Gehlot
 
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...Pawan Arya
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)farazvirk554
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS FingerprintingRashmika Nawaratne
 
Cryptography
CryptographyCryptography
CryptographyShivanand Arur
 
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Dragos, Inc.
 
Virus
VirusVirus
VirusProtik Roy
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesScott Hurrey
 
Brute force attack
Brute force attackBrute force attack
Brute force attackJamil Ali Ahmed
 
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemUnderstanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemCrowdStrike
 
WEP
WEPWEP
WEPSudeep Kulkarni
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdfThe-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdfprasunkagrawal
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
User authentication
User authenticationUser authentication
User authenticationCAS
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS Ghanshyam Patel
 
Attribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityAttribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityMphasis
 
Attributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryptionAttributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryptionKaashivInfoTech Company
 

More Related Content

What's hot

Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMACKrishna Gehlot
 
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...Pawan Arya
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptographychauhankapil
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)farazvirk554
 
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Dragos, Inc.
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesScott Hurrey
 
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemUnderstanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemCrowdStrike
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithmSunita Kharayat
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdfThe-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdfprasunkagrawal
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
User authentication
User authenticationUser authentication
User authenticationCAS
 

What's hot (20)

Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
 
Message Authentication Code & HMAC
Message Authentication Code & HMACMessage Authentication Code & HMAC
Message Authentication Code & HMAC
 
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
A Fully Anonymous Attribute-Based Encryption to Control Cloud Data Access and...
 
Symmetric & Asymmetric Cryptography
Symmetric & Asymmetric CryptographySymmetric & Asymmetric Cryptography
Symmetric & Asymmetric Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Advanced encryption standard (aes)
Advanced encryption standard (aes)Advanced encryption standard (aes)
Advanced encryption standard (aes)
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
 
Cryptography
CryptographyCryptography
Cryptography
 
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
 
Virus
VirusVirus
Virus
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
 
Brute force attack
Brute force attackBrute force attack
Brute force attack
 
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop ThemUnderstanding Fileless (or Non-Malware) Attacks and How to Stop Them
Understanding Fileless (or Non-Malware) Attacks and How to Stop Them
 
WEP
WEPWEP
WEP
 
Diffie hellman key exchange algorithm
Diffie hellman key exchange algorithmDiffie hellman key exchange algorithm
Diffie hellman key exchange algorithm
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network security
 
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdfThe-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
The-Hacker-Playbook-Practical-Guide-To-Penetration-Testing-2014.pdf
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
 
User authentication
User authenticationUser authentication
User authentication
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS
 

Viewers also liked

Attribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityAttribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityMphasis
 
Attributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryptionAttributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryptionKaashivInfoTech Company
 
Final_attribute based encryption in cloud with significant reduction of compu...
Final_attribute based encryption in cloud with significant reduction of compu...Final_attribute based encryption in cloud with significant reduction of compu...
Final_attribute based encryption in cloud with significant reduction of compu...Naveena N
 
Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...shreyank byadagi
 
Efficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingEfficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingNaveena N
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Naveena N
 
Attribute based encryption with privacy preserving in clouds
Attribute based encryption with privacy preserving in cloudsAttribute based encryption with privacy preserving in clouds
Attribute based encryption with privacy preserving in cloudsSwathi Rampur
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...IGEEKS TECHNOLOGIES
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Papitha Velumani
 
Attribute based encryption in cloud with significant reduction reviw2
Attribute based encryption in cloud with significant reduction reviw2Attribute based encryption in cloud with significant reduction reviw2
Attribute based encryption in cloud with significant reduction reviw2Naveena N
 
Scalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordsScalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordscolourswathi
 
B04010610
B04010610B04010610
B04010610IJMER
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...Nexgen Technology
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...Nexgen Technology
 
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...Nexgen Technology
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Adz91 Digital Ads Pvt Ltd
 
Personal Health Records
Personal Health RecordsPersonal Health Records
Personal Health RecordsRRR784
 
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...IEEEGLOBALSOFTTECHNOLOGIES
 

Viewers also liked (20)

Attribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityAttribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud Security
 
Attributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryptionAttributes based encryption with verifiable outsourced decryption
Attributes based encryption with verifiable outsourced decryption
 
Final_attribute based encryption in cloud with significant reduction of compu...
Final_attribute based encryption in cloud with significant reduction of compu...Final_attribute based encryption in cloud with significant reduction of compu...
Final_attribute based encryption in cloud with significant reduction of compu...
 
Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...
 
Efficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingEfficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computing
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...
 
Attribute based encryption with privacy preserving in clouds
Attribute based encryption with privacy preserving in cloudsAttribute based encryption with privacy preserving in clouds
Attribute based encryption with privacy preserving in clouds
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
 
Attribute based encryption in cloud with significant reduction reviw2
Attribute based encryption in cloud with significant reduction reviw2Attribute based encryption in cloud with significant reduction reviw2
Attribute based encryption in cloud with significant reduction reviw2
 
phr
phrphr
phr
 
Scalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordsScalable and secure sharing of personal health records
Scalable and secure sharing of personal health records
 
B04010610
B04010610B04010610
B04010610
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
 
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
AN EFFICIENT FILE HIERARCHY ATTRIBUTE-BASED ENCRYPTION SCHEME IN CLOUD COMPUT...
 
Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...Decentralized access control with anonymous authentication of data stored in ...
Decentralized access control with anonymous authentication of data stored in ...
 
Personal Health Records
Personal Health RecordsPersonal Health Records
Personal Health Records
 
Ppt 1
Ppt 1Ppt 1
Ppt 1
 
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...
JAVA 2013 IEEE CLOUDCOMPUTING PROJECT Attribute based encryption with verifia...
 

Similar to Attribute Based Encryption

13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptographydrewz lin
 
Establishing Public and secret keys in Network Security
Establishing Public and secret keys in Network SecurityEstablishing Public and secret keys in Network Security
Establishing Public and secret keys in Network Securitychitram210
 
Network Security
Network SecurityNetwork Security
Network Securityhj43us
 
Part04 key exchange protocols
Part04 key exchange protocolsPart04 key exchange protocols
Part04 key exchange protocolsLê Liêu
 
Chapter 8 - Security in Computer Networks
Chapter 8 - Security in Computer NetworksChapter 8 - Security in Computer Networks
Chapter 8 - Security in Computer NetworksAndy Juan Sarango Veliz
 
Us 17-radocea-intercepting-i cloud-keychain
Us 17-radocea-intercepting-i cloud-keychainUs 17-radocea-intercepting-i cloud-keychain
Us 17-radocea-intercepting-i cloud-keychainAlex Radocea
 
aacyberessential3cryptography-131067585699078884.pptx
aacyberessential3cryptography-131067585699078884.pptxaacyberessential3cryptography-131067585699078884.pptx
aacyberessential3cryptography-131067585699078884.pptxImXaib
 
CS283-PublicKey.ppt
CS283-PublicKey.pptCS283-PublicKey.ppt
CS283-PublicKey.pptMIBrand
 
CS283-PublicKey.ppt
CS283-PublicKey.pptCS283-PublicKey.ppt
CS283-PublicKey.pptShounakDas16
 

Similar to Attribute Based Encryption (11)

13
1313
13
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
 
Crypt
CryptCrypt
Crypt
 
Establishing Public and secret keys in Network Security
Establishing Public and secret keys in Network SecurityEstablishing Public and secret keys in Network Security
Establishing Public and secret keys in Network Security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Part04 key exchange protocols
Part04 key exchange protocolsPart04 key exchange protocols
Part04 key exchange protocols
 
Chapter 8 - Security in Computer Networks
Chapter 8 - Security in Computer NetworksChapter 8 - Security in Computer Networks
Chapter 8 - Security in Computer Networks
 
Us 17-radocea-intercepting-i cloud-keychain
Us 17-radocea-intercepting-i cloud-keychainUs 17-radocea-intercepting-i cloud-keychain
Us 17-radocea-intercepting-i cloud-keychain
 
aacyberessential3cryptography-131067585699078884.pptx
aacyberessential3cryptography-131067585699078884.pptxaacyberessential3cryptography-131067585699078884.pptx
aacyberessential3cryptography-131067585699078884.pptx
 
CS283-PublicKey.ppt
CS283-PublicKey.pptCS283-PublicKey.ppt
CS283-PublicKey.ppt
 
CS283-PublicKey.ppt
CS283-PublicKey.pptCS283-PublicKey.ppt
CS283-PublicKey.ppt
 

More from UT, San Antonio

digital certificate - types and formats
digital certificate - types and formatsdigital certificate - types and formats
digital certificate - types and formatsUT, San Antonio
 
Static Analysis with Sonarlint
Static Analysis with SonarlintStatic Analysis with Sonarlint
Static Analysis with SonarlintUT, San Antonio
 
Shellshock- from bug towards vulnerability
Shellshock- from bug towards vulnerabilityShellshock- from bug towards vulnerability
Shellshock- from bug towards vulnerabilityUT, San Antonio
 
Big Data Processing: Performance Gain Through In-Memory Computation
Big Data Processing: Performance Gain Through In-Memory ComputationBig Data Processing: Performance Gain Through In-Memory Computation
Big Data Processing: Performance Gain Through In-Memory ComputationUT, San Antonio
 
Enumerated authorization policy ABAC (EP-ABAC) model
Enumerated authorization policy ABAC (EP-ABAC) modelEnumerated authorization policy ABAC (EP-ABAC) model
Enumerated authorization policy ABAC (EP-ABAC) modelUT, San Antonio
 
Where is my Privacy presentation slideshow (one page only)
Where is my Privacy presentation slideshow (one page only)Where is my Privacy presentation slideshow (one page only)
Where is my Privacy presentation slideshow (one page only)UT, San Antonio
 
Security_of_openstack_keystone
Security_of_openstack_keystoneSecurity_of_openstack_keystone
Security_of_openstack_keystoneUT, San Antonio
 
Research seminar group_1_prosunjit
Research seminar group_1_prosunjitResearch seminar group_1_prosunjit
Research seminar group_1_prosunjitUT, San Antonio
 
Final Project Transciption Factor DNA binding Prediction
Final Project Transciption Factor DNA binding Prediction Final Project Transciption Factor DNA binding Prediction
Final Project Transciption Factor DNA binding Prediction UT, San Antonio
 
Transcription Factor DNA Binding Prediction
Transcription Factor DNA Binding PredictionTranscription Factor DNA Binding Prediction
Transcription Factor DNA Binding PredictionUT, San Antonio
 

More from UT, San Antonio (20)

digital certificate - types and formats
digital certificate - types and formatsdigital certificate - types and formats
digital certificate - types and formats
 
Saml metadata
Saml metadataSaml metadata
Saml metadata
 
Static Analysis with Sonarlint
Static Analysis with SonarlintStatic Analysis with Sonarlint
Static Analysis with Sonarlint
 
Shellshock- from bug towards vulnerability
Shellshock- from bug towards vulnerabilityShellshock- from bug towards vulnerability
Shellshock- from bug towards vulnerability
 
Abac17 prosun-slides
Abac17 prosun-slidesAbac17 prosun-slides
Abac17 prosun-slides
 
Abac17 prosun-slides
Abac17 prosun-slidesAbac17 prosun-slides
Abac17 prosun-slides
 
Recitation
RecitationRecitation
Recitation
 
Recitation
RecitationRecitation
Recitation
 
Big Data Processing: Performance Gain Through In-Memory Computation
Big Data Processing: Performance Gain Through In-Memory ComputationBig Data Processing: Performance Gain Through In-Memory Computation
Big Data Processing: Performance Gain Through In-Memory Computation
 
Enumerated authorization policy ABAC (EP-ABAC) model
Enumerated authorization policy ABAC (EP-ABAC) modelEnumerated authorization policy ABAC (EP-ABAC) model
Enumerated authorization policy ABAC (EP-ABAC) model
 
Where is my Privacy presentation slideshow (one page only)
Where is my Privacy presentation slideshow (one page only)Where is my Privacy presentation slideshow (one page only)
Where is my Privacy presentation slideshow (one page only)
 
Three month course
Three month courseThree month course
Three month course
 
One month-syllabus
One month-syllabusOne month-syllabus
One month-syllabus
 
Zerovm backgroud
Zerovm backgroudZerovm backgroud
Zerovm backgroud
 
Security_of_openstack_keystone
Security_of_openstack_keystoneSecurity_of_openstack_keystone
Security_of_openstack_keystone
 
Research seminar group_1_prosunjit
Research seminar group_1_prosunjitResearch seminar group_1_prosunjit
Research seminar group_1_prosunjit
 
Ksi
KsiKsi
Ksi
 
Final Project Transciption Factor DNA binding Prediction
Final Project Transciption Factor DNA binding Prediction Final Project Transciption Factor DNA binding Prediction
Final Project Transciption Factor DNA binding Prediction
 
Cyber Security Exam 2
Cyber Security Exam 2Cyber Security Exam 2
Cyber Security Exam 2
 
Transcription Factor DNA Binding Prediction
Transcription Factor DNA Binding PredictionTranscription Factor DNA Binding Prediction
Transcription Factor DNA Binding Prediction
 

Recently uploaded

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 

Recently uploaded (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 

Attribute Based Encryption

  • 1. Public Key Infrastructure: Encryption & Decryption: 1. Bob Request Alice's Public key Public Key Infrastructure from KDC 4. Alice uses her private key to Alice decrypt messages encrypted by Bob. Public Key 2.PKI signs the Public key & send Private Key Bob it to Bob 3. Bob uses her public key to encrypt message for Alice. Disadvantage: 1. To communicate with Alice, Bob, at first, has to communicate with the PKI.
  • 2. Identity Based Encryption (IDE): In IDE, one’s publicly known identity (ex. email address) is being used as his/her public key where as corresponding private key is generated from the known identity. IDE encryption scheme is a four algorithms/steps scheme where the algorithms are i. Setup Algorithm ii. Key (private key) Generation Algorithm iii. Encryption Algorithm iv. Decryption Algorithm. Setup and Key Generation: Private Key Generator (PKG) 1. Set up Algorithm generate a master key for Alice Master Key 2. Alice show & Prove her 3. Given the identity, Key Generation Algorithm Identity to PKG generate Private key for Alice. Identity Private Key Ex: alice@example.org Encryption & Decryption: 1. Bob knows & uses Alice's Private Key Generator Identity to encrypt the message (PKG) Bob Alice Master Key 2. Alice uses her Private Key to decrypt the message Identity Private Key Ex.alice@example.org Advantage: 1. Bob does not need to contact KDC / CA for Alice’s Public Key. He knows Alice’s Identity which he uses to encrypt message for Alice.
  • 3. Fuzzy Identity Based Encryption (Fuzzy-IDE): Fuzzy Identity of a person is a set of descriptive attributes which a predefined error tolerance capability. In Fuzzy-IDE, these attributes are used as one’s known public key. Setup & Key Generation Private Key Generator (PKG) 1. Given a Error Tolerance factor d, set up algorithm generates a Master key for Alice. Master Key 2. Alice's Identity w is being decided Fuzzy Identity (w) Private Key 3. Given Identity w, Key Generation Algorithm generates Alice's Private Attr1 ... AttrN key. Advantage: With her private key, Alice can decrypt messages encrypted with her own identity (w). She can also decrypt messages encrypted with other’s identity (w’) if |w ∩w’| >= d. Encryption & Decryption in Fuzzy IDE System 1. Charlie encrypt Message(M) 3. Alice can also decrypt M with her with Bob's Identity w' private Key with (|w∩w'| >= d) Charlie Bob Alice (Identity w'') (Identity w') (Identity w) 2. Bob can decrypt M with his private Key Example: Person Fuzzy Identity d Comment Alice w={“exam-committee”, “chair”, 2 Alice can decrypt everything that Bob & “system”} Charile can Decrypt. Because |w ∩w’|>=2 and |w ∩w’’|>=2 Bob w’={“exam-committee”, 3 Bob can only decrypt message encrypted “faculty”, “system”, “usa”} with Charlie’s identity as |w’ ∩w’’|>=3 Charlie w’’={“exam-committee”, 4 Charlie cannot decrypt any message that “student”, “system”, “usa”} are encrypted with others identity.
  • 4. Attribute-based Encryption (or Key-policy ABE): Access Tree / Key-policy(Ƭ): Access Policy to be associated with private key where leaf nodes are attributes coming from fuzzy identity. OR AND Dean 2 out of 3 Computer Science Admission- Computer Science Admission- faculty committee committee Account Setup & Key-generation: Private Key Generator (PKG) 1. Setup Algorithm generates Alice's Master Key Master Key 4. Given the Key-policy, Key Generation Algorithm generates 2. Alice's Identity is being decided Private key for Alice. Fuzzy Identity (w) Private Key 3. Alice's Key Policy is being decided from her identity Attr1 ... AttrN Key Policy Encryption & Decryption: 3. Alice can decrypt M if her key policy is satisfied with γ. ie Ƭ(γ)=1 Bob Alice Charlie (Identity w) (Identity w') (Identity w'') 2. Bob can decrypt M if his 1. Charlie encrypt Message(M) key policy is satisfied with γ. with a set of attributes γ (not ie Ƭ(γ)=1 with anyone's identity )
  • 5. Example: Assuming, Alice has the following key policy OR AND Dean 2 out of 3 Computer Science Admission- Computer Science Admission- faculty committee committee Alice can decrypt a file encrypted with the attribute set {“Computer Science”, “Admission committee”}. But she cannot decrypt another ciphertext associated with attributes {“Computer Science”, “program- committee”}. Variations of ABE: Ciphertext-Policy ABE vs. Key-policy ABE: While in original ABE (key-policy ABE) access policy is associated with the private key, in Ciphertext– policy ABE, access policy is associated in the ciphertext. Key-policy ABE Ciphertext-policy ABE pon B E s ts Ciphertext Private key ent com y A en Ciphertext Private key pon ed t-polic ed y ABE com Sel hertex Attribute sel -polic Policy Association Association Policy Attribute e ct e ct Association K ey Cip Association
  • 6. ABE with monotonic Access Structure vs. ABE with non-monotonic Access Structure: Monotonic Access structure uses ‘AND gate’, ‘OR gate’, or ‘k out of N’ threshold gate. Non-Monotonic Access structure uses Monotonic Access structure and additional ‘NOT gate’. Example: OR Monotonic Access Dean 2 out of 3 AND structure Computer Science Admission- Computer Science Admission- faculty committee committee Example: OR Non- Monotonic AND Dean 2 out of 3 Access structure Computer Science Admission- Computer Science program- NOT committee committee Student Hierarchical ABE (HABE): In HABE, the attributes are classified into trees according to their relationship defined in the access control system. Every node in this tree is associated with an attribute, and an ancestral node can derive its descendant’s key, but the reverse is not allowed. Attribute1 Attribute1 can be used instead of any or all the attributes of this tree Attribute2 can be used instead of attribute4 or attribute 5 or both of them but not vice versa. Attribute2 Attribute3 Attribute4 Attribute5 Single Authority ABE vs. Multi-authority ABE: