Fast, Compact, and Expressive Attribute-Based Encryption

“…As can be deduced from Tables 2-4, GSW is the most efficient scheme. However, it does not support the multiuse [26] 15n t + 18n f 12n′ 3 d -GSW [31] n 1 --- and adaptive security properties. Although JL supports multiuse of attributes in the access policy, the computation cost of key generation increases with multiuse of attribute by the factor of d. However, since our scheme and Lw use the selective technique in generation of either the ciphertext or the key, the scheme performance is not affected by the multiuse of attribute.…”

“…From the studies in [12], it can be inferred that as "q" grows larger, the "q-type" assumption becomes stronger and the scheme which requires it becomes vulnerable, particularly if "q" scales in a predictable way. Recently, Tomida et al [26] and Kowalczyk et al [27] proposed ABE schemes that address the problem of one-use restriction of attributes in access policy. e schemes were built on a piecewise guessing framework developed in [28], and they proved adaptive security of the ABE constructions with some polynomial security losses.…”

“…e last row describes our scheme in Section 4. From Table 1, it can be seen that JL [26] scheme possesses most of the needed properties of ABE construction. However, this scheme inherits the problem of polynomial security losses from the "piecewise guessing framework" that was used for its construction.…”

“…However, this scheme inherits the problem of polynomial security losses from the "piecewise guessing framework" that was used for its construction. Also, the security of schemes JL [26] and LK [27] was proven in random oracle model. erefore, from the authors' point of view, there is no scheme that simultaneously achieves the properties listed in Section 1.1. and that is still able to retain the efficiency of selective security in the standard model.…”

“…We provide theoretical comparisons with some KP-ABE schemes which are shown in Tables 2-5. To enable us to make comparison with JL [26] scheme which uses asymmetric elliptic curve, we adopted the approach in [39] to convert Lw [3], GSW [31], and our scheme from the symmetric setting unto asymmetric setting without having to compute isomorphisms between the source groups. We use "MNT159" asymmetric curve with 159 bit base field from charm-crypto python library.…”

A Fully Secure KP-ABE Scheme on Prime-Order Bilinear Groups through Selective Techniques

“…As can be deduced from Tables 2-4, GSW is the most efficient scheme. However, it does not support the multiuse [26] 15n t + 18n f 12n′ 3 d -GSW [31] n 1 --- and adaptive security properties. Although JL supports multiuse of attributes in the access policy, the computation cost of key generation increases with multiuse of attribute by the factor of d. However, since our scheme and Lw use the selective technique in generation of either the ciphertext or the key, the scheme performance is not affected by the multiuse of attribute.…”

“…From the studies in [12], it can be inferred that as "q" grows larger, the "q-type" assumption becomes stronger and the scheme which requires it becomes vulnerable, particularly if "q" scales in a predictable way. Recently, Tomida et al [26] and Kowalczyk et al [27] proposed ABE schemes that address the problem of one-use restriction of attributes in access policy. e schemes were built on a piecewise guessing framework developed in [28], and they proved adaptive security of the ABE constructions with some polynomial security losses.…”

“…e last row describes our scheme in Section 4. From Table 1, it can be seen that JL [26] scheme possesses most of the needed properties of ABE construction. However, this scheme inherits the problem of polynomial security losses from the "piecewise guessing framework" that was used for its construction.…”

“…However, this scheme inherits the problem of polynomial security losses from the "piecewise guessing framework" that was used for its construction. Also, the security of schemes JL [26] and LK [27] was proven in random oracle model. erefore, from the authors' point of view, there is no scheme that simultaneously achieves the properties listed in Section 1.1. and that is still able to retain the efficiency of selective security in the standard model.…”

“…We provide theoretical comparisons with some KP-ABE schemes which are shown in Tables 2-5. To enable us to make comparison with JL [26] scheme which uses asymmetric elliptic curve, we adopted the approach in [39] to convert Lw [3], GSW [31], and our scheme from the symmetric setting unto asymmetric setting without having to compute isomorphisms between the source groups. We use "MNT159" asymmetric curve with 159 bit base field from charm-crypto python library.…”

A Fully Secure KP-ABE Scheme on Prime-Order Bilinear Groups through Selective Techniques

Unbounded Dynamic Predicate Compositions in ABE from Standard Assumptions

A Practical Compiler for Attribute-Based Encryption: New Decentralized Constructions and More