Questions tagged [abe]
Attribute-Based Encryption is a type of public-key encryption in which the key used for encryption is based on selected attributes of the readers. Decryption of the ciphertext is possible only if the set of attributes of the user includes all the attributes used to encrypt the ciphertext.
104 questions
2 votes
1 answer
106 views
Why do the authors state "an arbitrary circuit can be transformed into a layered monotonic circuit of polynomially related size."
I have recently been reading "Constrained Pseudorandom Functions" by Boneh and Waters, and "Constrained Verifiable Random Functions" by Fuchsbauer. One of the claimed results is ...
3 votes
1 answer
162 views
Which Variant of the Decisional Bilinear DH Assumption is Stronger?
The following definitions are from Fuzzy Identity-based Encryption by Sahai and Waters (Eurocrypt 2005, Eprint). Definition 2 (Decisional Bilinear Diffie-Hellman (BDH) Assumption). Suppose a ...
- 33
4 votes
1 answer
109 views
Why in the Palisade CP-ABE library the 192 bit security level uses a base of 128 while the others use a base of 2?
I am performing some tests using the Palisade CP-ABE library, that is based on RLWE. The theoretical details are presented here. The library offers predefined security levels for the encryption, that ...
- 43
2 votes
0 answers
79 views
Is correctness condition of ABE scheme of [BGG+'Eurocrypt2014] right?
I'm reading page 16 of [BGG+'Eurocrypt2014, Section 4]. The ABE in this paper is one of the best lattice-based ABE scheme so far and the techniques used in it inspired other cryptographic primitives ...
- 685
3 votes
1 answer
90 views
How to determine approximate factor (i.e. modulus-to-(bound of)noise ratio) of LWE in advaned primitives is sub-exponential or polynomial?
In advanced primitives like circuit (policy) ABE [BGG+'Eurocrypt2014] or IPFE [ACGU'Asiacrypt2020, appedix A] based on lattices, parameters setting is quite puzzling and vague (for me). (Parameter ...
- 685
2 votes
0 answers
92 views
Why are most ABE KeyGen algorithms probabilistic algorithms?
It seems that in most Attribute Based Encryption schemes, the keygen algorithm is probabilistic, which means that given the same public key, master secret key and attribute set (or access structure), ...
- 31
2 votes
1 answer
142 views
Which one is more general, attribute based encryption or inner product predicate encryption?
If we have a scheme for inner product predicate encryption (IPPE), then can we claim that we already have designed an attribute based encryption (ABE) scheme; So we do not need to design an ABE again. ...
- 685
1 vote
1 answer
133 views
On the spectral norm in lattice-based cryptography
In the preliminaries section of a paper$^\color{magenta}{\star}$ on lattice-based cryptography, the matrix norm $\| \cdot \|_{2}$ is used. Why do we define such norm? What's the purpose of defining ...
- 685
3 votes
1 answer
248 views
Why do we need "selective security" for ABE?
The general question is: Why are ABE schemes usually/sometimes proven in the selective-set of attributes model of security? Or even co-selective (both attributes and policy function)? Is it just ...
- 685
2 votes
1 answer
158 views
Multi party authentication or encryption
I rent a room in a building. There are also 9 others who rent other rooms in this building. Just like everyone else who rents a room I only have one key of this building. With my key I can open the ...
- 123
0 votes
0 answers
34 views
reason of using $y=0$ result in ABE for arithmetic circuits
In Boneh et. al.'s ABE scheme (https://eprint.iacr.org/2013/669.pdf, https://link.springer.com/content/pdf/10.1007/978-3-642-55220-5_30.pdf), the result value for the arithmetic function is selected ...
- 492
1 vote
1 answer
105 views
What is the meaning of the power notation in the access structure?
In the paper about ABE (like this), the access structure is defined as follow: Let ${P_1,P_2,...,P_n}$ be a set of parties. A collection $A⊆2^{\{P_1,P_2,...,P_n\}}$ is monotone if $∀B,C$: if $B∈A$ ...
- 185
2 votes
1 answer
164 views
Combining CP-ABE and KP-ABE by wrapping one with the other?
I've looked around but can't find any discussion on using both CP-ABE and KP-ABE by simply wrapping one with the other. It seems like you'd be able to get more fine grained access control with a ...
2 votes
1 answer
181 views
KP-ABE Key Generation
In Key Policy Attribute-based encryption if we need a targeted broadcast where the set of attributes are the same for a group of users. It means they all share the same secret key right? Or is it that ...
- 769
1 vote
1 answer
122 views
Adaptive Security Advantage
Adaptive model: the attacker can adaptively query the challenger for private keys. The challenge message need not be revealed at the start of the security game Selective model: the attacker has to ...
- 769