Attribute-Based Encryption
Prof Bill Buchanan, The Cyber Academy
http://asecuritysite.com
Access Control
• Role-Based Access Control (RBAC). Define the role for the access to data, e.g. Policy = Subject (AND/OR) Role -> Permissions.
• Attribute-Based Access Control (ABAC). Define attributes, e.g. Policy = User (role, nationality) AND/OR Resource (department, owner) AND/OR Action AND/OR Context (time, IP, location) -> Permissions.
Elliptic Curves
Private key:
0xc9f4f55bdeb5ba0bd337f2dbc952a5439e20ef9af6203d25d014e7102d86aaeeL
Public key:
0xc44370819cb3b7b57b2aa7edf550a9a5410c234d27aff497458bbbfec8b6a327,
0x52a1a3e222cd89cbd2764b69bd9b0ea5c4fd6ca28861e1f2140eeff9c2e76487
G:
(5066263022277343669578718895168534326250603453777594175500187360389116729240L,
32670510020758816978083085130507043184471273380659243275938904335757337482424L)
Finite Fields with Prime
• A: 0
• B: 7
• Prime number: 38047
• Elliptic curve is: y^2 = x^3 + 7
• Finding the first 20 points
• (83, 33) (180, 104) (296, 156) (491, 81) (896, 81) (905, 155) (1307, 86) (1563, 41) (1570, 136) (1857, 56) (1904, 25) (2004, 119) (2011, 170) (2209, 75) (2219, 90) (2447, 51) (2767, 40) (2843, 170) (3138, 29) (3485, 33) (3713, 109)
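An added example (not code from the slides) that checks points against the slide's curve y^2 = x^3 + 7 over the prime 38047 and finds the y values for a given x. The function names and the enumeration order (by x, smaller root first) are assumptions, so the enumeration need not reproduce the slide's list.

```python
P, A, B = 38047, 0, 7   # prime and curve coefficients taken from the slide

def on_curve(x, y):
    """True when (x, y) is in range and satisfies y^2 = x^3 + A*x + B mod P.
    A receiver should run this check on any point it is handed."""
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (pow(x, 3, P) + A * x + B)) % P == 0

def lift_x(x):
    """Return the y values for x as a sorted tuple, or None if x has no point."""
    rhs = (pow(x, 3, P) + A * x + B) % P
    # Because P % 4 == 3, rhs^((P+1)/4) is a square root whenever one exists.
    y = pow(rhs, (P + 1) // 4, P)
    if y * y % P != rhs:
        return None                      # rhs is not a square mod P
    return tuple(sorted({y, (P - y) % P}))

def first_points(n):
    """First n points in order of x, taking the smaller root for each x."""
    points, x = [], 0
    while len(points) < n and x < P:
        ys = lift_x(x)
        if ys is not None:
            points.append((x, ys[0]))
        x += 1
    return points

if __name__ == "__main__":
    for pt in [(83, 33), (180, 104), (296, 156)]:   # points quoted on the slide
        print(pt, on_curve(*pt))
    print(lift_x(83))
    print(first_points(5))
```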
Bilinear mapping
ABE
• Key-policy attribute-based encryption (KP-ABE). In KP-ABE we generate the key based on a policy that contains attributes.
• Ciphertext-policy attribute-based encryption (CP-ABE). In CP-ABE we use a tree structure with different keys in order to access given attributes.
CP-ABE
• Setup. This stage generates the public parameters (PK) and a master key (MK).
• Encrypt(PK, M, A). In this stage we take PK and a message (M), along with an access structure for all the attributes (A). The output will be some ciphertext (CT) which embeds A, so that when a user satisfies the required attributes, they will be able to decrypt the ciphertext.
• Key Generation(MK, S). In this stage we take the master key (MK) and a number of attributes that define the key (S), and output a private key (SK).
• Decrypt(PK, CT, SK). In this stage we take the public parameters (PK), the ciphertext (CT, which contains the access policy), and the secret key (for a given set of attributes S), and try to decrypt the ciphertext. If successful we will get our message (M) back again.
• Delegate(SK, S̃). If required, a delegate step takes the secret key (SK) and returns a secret key (SK) for a given set of attributes (S̃).
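An added example (not from the slides) of how an access structure A can be embedded at Encrypt and satisfied by an attribute set S at Decrypt: a secret is split down a tree of threshold gates with Shamir sharing, as tree-based CP-ABE constructions do. The policy, attribute names and modulus are constructed, and this is only the secret-sharing layer: it has no pairing and none of the per-key randomisation that stops users pooling attributes in real CP-ABE.

```python
import secrets

Q = 2**127 - 1   # prime modulus for the shares (constructed toy parameter)

# Constructed policy: (role:doctor AND dept:cardiology) OR role:auditor.
# A leaf is an attribute string; a gate is (threshold k, [children]).
POLICY = (1, [(2, ["role:doctor", "dept:cardiology"]), "role:auditor"])

def share(node, secret):
    """Encrypt side: split `secret` down the access tree, one share per leaf."""
    if isinstance(node, str):
        return (node, secret)
    k, children = node
    # Random polynomial of degree k-1 with f(0) = secret; child i receives f(i).
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(k - 1)]
    f = lambda x: sum(c * pow(x, e, Q) for e, c in enumerate(coeffs)) % Q
    return (k, [(i, share(child, f(i))) for i, child in enumerate(children, 1)])

def recover(shared, attrs):
    """Decrypt side: rebuild the secret if `attrs` satisfies the tree, else None."""
    if isinstance(shared[0], str):
        attr, value = shared
        return value if attr in attrs else None
    k, kids = shared
    got = [(i, v) for i, sub in kids if (v := recover(sub, attrs)) is not None][:k]
    if len(got) < k:
        return None                       # gate threshold not met
    total = 0
    for i, v in got:                      # Lagrange interpolation at x = 0
        lam = 1
        for j, _ in got:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        total = (total + v * lam) % Q
    return total

def demo():
    s = secrets.randbelow(Q)
    tree = share(POLICY, s)
    return {
        "doctor+cardiology": recover(tree, {"role:doctor", "dept:cardiology"}) == s,
        "auditor": recover(tree, {"role:auditor"}) == s,
        "doctor only": recover(tree, {"role:doctor", "dept:oncology"}) is None,
    }

if __name__ == "__main__":
    print(demo())
```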