Systematizing core properties of pairing-based attribute-based encryption to uncover remaining challenges in enforcing access control in practice

Marloes Venema*, Greg Alpár, Jaap-Henk Hoepman

*Corresponding author for this work

Research output: Contribution to journalArticleAcademicpeer-review

Abstract

Attribute-based encryption (ABE) cryptographically implements fine-grained access control on data. As such, data can be stored by an entity that is not necessarily trusted to enforce access control, or an entity that is not even trusted to have access to the plaintext data at all. Instead, access control can be externally enforced by a trusted entity. Additionally, some multi-authority variants of ABE—which do not have a central authority—can effectively and securely implement access control in multiple-domain settings. Furthermore, ABE is the only cryptographic approach to fine-grained access control that does not require an online trusted third party during access requests, and thus provides better availability properties. The actual realization of these theoretical advantages in practice depends on whether current state-of-the-art ABE schemes support the necessary core properties. Much progress has been made in the last two decades in pairing-based ABE schemes, owing to their versatility and efficiency. In fact, it is possible to support most core properties under strong security guarantees, while incurring acceptable storage and computational costs. It is therefore a good time to ask ourselves whether pairing-based ABE has reached its full practical potential. To answer this question, we provide a comprehensive systematized overview of various existing pairing-based ABE schemes and their core properties. We also investigate the relationship between these core properties and real-world access control requirements. We show that a few challenges remain, that must be overcome for ABE to reach its full potential as a mechanism to implement efficient and secure access control in practice.
Original languageEnglish
Pages (from-to)165-220
Number of pages56
JournalDesigns CoDes and Cryptography
Volume91
Issue number1
Early online date6 Sept 2022
DOIs
Publication statusPublished - Jan 2023

Keywords

  • Attribute-based encryption
  • Access control
  • Systematization of knowledge
  • ELLIPTIC-CURVES
  • SECURE IBE
  • IDENTITY-BASED ENCRYPTION
  • MULTI-AUTHORITY
  • DUAL SYSTEM ENCRYPTION
  • PRIME-ORDER GROUPS
  • RANDOM ORACLE MODEL
  • ELECTRONIC HEALTH RECORDS
  • CONSTANT-SIZE CIPHERTEXTS
  • FUNCTIONAL ENCRYPTION

Fingerprint

Dive into the research topics of 'Systematizing core properties of pairing-based attribute-based encryption to uncover remaining challenges in enforcing access control in practice'. Together they form a unique fingerprint.

Cite this