Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in...
Transcript of Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in...
![Page 1: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/1.jpg)
Improved Dual System ABE in Prime-Order Groups via Predicate Encodings
Jie Chen – East China Normal University, Shanghai
Romain Gay – ENS, Paris
Hoeteck Wee – ENS, Paris
![Page 2: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/2.jpg)
Improved Dual System ABE in Prime-Order Groups via Predicate Encodings
Jie Chen – East China Normal University, Shanghai
Romain Gay – ENS, Paris
Hoeteck Wee – ENS, Paris
Attribute-Based Encryption
![Page 3: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/3.jpg)
ABE: online dating
Alice
Edward
pk :
profile
Charlie David
[Sahai,Waters’05; Goyal,Pandey,Sahai,Waters’06]
![Page 4: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/4.jpg)
ABE: online dating
Alice
Edward
pk :
profile
tall ˅ (phd ˄ cs)
phd ˄ cs
Charlie David
cs phd ˄ math
[Sahai,Waters’05; Goyal,Pandey,Sahai,Waters’06]
![Page 5: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/5.jpg)
ABE: online dating
Alice
Charlie David
Edward
pk :
profile
cs
tall ˅ (phd ˄ cs)
phd ˄ math
phd ˄ cs
[Sahai,Waters’05; Goyal,Pandey,Sahai,Waters’06]
![Page 6: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/6.jpg)
ABE: online dating
Alice
Charlie David
Edward
pk :
profile
cs
tall ˅ (phd ˄ cs)
phd ˄ math
phd ˄ cs
collusion
[Sahai,Waters’05; Goyal,Pandey,Sahai,Waters’06]
![Page 7: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/7.jpg)
Modular framework for ABE
Compiler
encoding
[Attrapadung 14, Wee 14]
P
Adaptively secure ABE for P
![Page 8: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/8.jpg)
Modular framework for ABE
Composite-ordergroups
encoding
[Attrapadung 14, Wee 14]
P
Adaptively secure ABE for P
![Page 9: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/9.jpg)
Modular framework for ABE
Composite-ordergroups
encoding
[Attrapadung 14, Wee 14]
P
Dual system encryption [Waters 09]
Adaptively secure ABE for P
![Page 10: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/10.jpg)
Modular framework for ABE
Composite-ordergroups
encoding
Adaptively secure ABE for P
Prime-ordergroups
encoding ++
Our work
P P
[Attrapadung 14, Wee 14]
DSE [Waters 09]
Adaptively secure ABE for P
![Page 11: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/11.jpg)
Our contributions
1. New techniques for simulating composite-order groups
![Page 12: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/12.jpg)
Our contributions
1. New techniques for simulating composite-order groups
2. New efficient ABEs
![Page 13: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/13.jpg)
Our contributions
1. New techniques for simulating composite-order groups
2. New efficient ABEs
functionality improvements
ABE for boolean formula sk, ct 50% shorter
![Page 14: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/14.jpg)
Our contributions
1. New techniques for simulating composite-order groups
2. New efficient ABEs
functionality improvements
ABE for boolean formula sk, ct 50% shorter
ABE for arithmetic formula First adaptively secure scheme
![Page 15: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/15.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
![Page 16: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/16.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
e(Gq, Gp)=1
![Page 17: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/17.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
e(Gp,Gq)=1
![Page 18: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/18.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
Subgroup membership:
random ≈c random ∙ random∈ Gp ∈ Gp ∈ Gq
![Page 19: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/19.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
Parameter hiding:
Gp = < g1> , Gq = < g2>
For all w ∈ ℤpq
given g1w , g2
w is hidden
![Page 20: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/20.jpg)
Composite-order groups
e : ×Gp Gq
p,q primes
[Boneh, Goh, Nissim’05; Lewko, Waters’10]
↓GT
×Gp Gq
×
Parameter hiding:
Gp = < g1> , Gq = < g2>
For all w ∈ ℤpq
given g1w , g2
w is hidden
ct
sk
ct
sk DSE [Waters 09]
![Page 21: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/21.jpg)
Simulating composite-order groups
• [Freeman 10, MSF 10, Seo 12, HHHRR14] -> parameter hiding?
• DPVS: [OT 08, OT 09, Lewko 12, CLLWW 12] -> not compact
• [CW 13, BKP 14] -> not all predicate
![Page 22: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/22.jpg)
Simulating composite-order groups
G1 = < g1 > , G2 = < g2 > , GT of order p ,
e: G1 × G2 → GT
e g1x, g2
y= e(g1, g2)
xy
![Page 23: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/23.jpg)
Simulating composite-order groups
G1 = < g1 > , G2 = < g2 > , GT of order p ,
e: G1 × G2 → GT
e [x]1, [y]2 = [xy]T
![Page 24: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/24.jpg)
Simulating composite-order groups
G1 = < g1 > , G2 = < g2 > , GT of order p ,
e: G1 × G2 → GT
e [x]1, [y]2 = [xy]T
Matrix assumptions [EHKRV 13, MRV15]:
[A r]1 ≈c [u]1
A ∈ ℤpk+1 ×k, r ←R ℤp
k u ←R ℤp(k+1)
![Page 25: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/25.jpg)
Simulating composite-order groups
G1 = < g1 > , G2 = < g2 > , GT of order p ,
e: G1 × G2 → GT
e [x]1, [y]2 = [xy]T
Matrix assumptions [EHKRV 13, MRV15]:
[A r]1 ≈c [u]1
DDH: A =1a
, a ←R ℤp k-Lin: A =
1⋱
a1 ⋯
1ak
, a1, … , ak ←R ℤp
![Page 26: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/26.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×? ?
e: G1 × G2 → GT G1, G2 of order p
×? ?
e([x]1, y]2 = [xTy]T
![Page 27: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/27.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×? ?
e: G1 × G2 → GT G1, G2 of order p
×? ?
e([X]1, Y]2 = [XTY]T
![Page 28: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/28.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > ?
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > ?
• [A]1, [B]2 ←R k-Lin
![Page 29: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/29.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > ?
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
• [A]1, [B]2 ←R k-Lin• a⊥ ←R A⊥
e([A]1,[a⊥]2)=1
![Page 30: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/30.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > < [b⊥]1 >
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
• [A]1, [B]2 ←R k-Lin• a⊥ ←R A⊥
• b⊥ ←R B⊥
e([b⊥]1, [B]2)=1
![Page 31: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/31.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > < [b⊥]1 >
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
• [A]1, [B]2 ←R k-Lin• a⊥ ←R A⊥
• b⊥ ←R B⊥
![Page 32: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/32.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > < [b⊥]1 >
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
[A]1, [b⊥]1 : basis of G1k+1
[B]2, [a⊥]2 : basis of G2k+1
![Page 33: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/33.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > < [b⊥]1 >
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
Subgroup membership:
[A r]1 ≈c [A r]1 ∙ [r′b⊥]1 = [u]1
k-Lin in G1
![Page 34: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/34.jpg)
Simulating composite-order groups
e : G1k+1 =
×
G2k+1 =
↓
GT
×< [A]1 > < [b⊥]1 >
e: G1 × G2 → GT G1, G2 of order p
×< [B]1 > < [a⊥]2 >
Subgroup membership:
[B s]1 ≈c [B s]1 ∙ [s′a⊥]1 = [v]1
k-Lin in G2
![Page 35: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/35.jpg)
Simulating composite-order groups
×< [A]1 > < [b⊥]1 >
×< [B]1 > < [a⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×Gp Gq
×Gp Gq
![Page 36: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/36.jpg)
Simulating composite-order groups
×< [A]1 > < [b⊥]1 >
×< [B]1 > < [a⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×< g1 > < g2 >
×< g1 > < g2 >
![Page 37: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/37.jpg)
Simulating composite-order groups
×< [A]1 > < [b⊥]1 >
×< [B]1 > < [a⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×< g1 > < g2 >
×< g1 > < g2 >
g1r
[Ar ]1
![Page 38: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/38.jpg)
Simulating composite-order groups
×< [A]1 > < [b⊥]1 >
×< [B]1 > < [a⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×< g1 > < g2 >
×< g1 > < g2 >
g1r
g1s
[Ar ]1
[Bs ]2
![Page 39: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/39.jpg)
Simulating composite-order groups
×< [A]1 > < [b⊥]1 >
w ←R ℤpq
×< [B]1 > < [a⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×< g1w > < g2
w >
×< g1w > < g2
w >
![Page 40: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/40.jpg)
Simulating composite-order groups
×< [WTA]1 > < [WTb⊥]1 >
w ←R ℤpq W ←R ℤpk+1 ×(k+1)
×< [WB]1 > < [Wa⊥]1 >
↓
GT
×
G1k+1=
G2k+1=
G =
G =
↓
GT
×< g1w > < g2
w >
×< g1w > < g2
w >
![Page 41: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/41.jpg)
Simulating composite-order groups
g1w ,Given g2
w is hidden[ATW]1and[WB]2
Given(a⊥)TWb⊥
is hidden
Parameter hiding:
w ←R ℤpq W ←R ℤpk+1 ×(k+1)
![Page 42: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/42.jpg)
Simulating composite-order groups
w → W ∈ ℤpk+1 ×(k+1)
s → s ∈ ℤpk
g1s → [As ]1
g1ws → [WTAs ]1
r → r ∈ ℤpk
g1r → [Br ]2
g1wr → [WBr ]2
ct sk
![Page 43: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/43.jpg)
Modular framework for ABE
Composite-ordergroups
encoding
Adaptively secure ABE for P
Prime-ordergroups
encoding ++
Our work
P P
[Attrapadung 14, Wee 14]
DSE [Waters 09]
Adaptively secure ABE for P
![Page 44: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/44.jpg)
Conclusion
New efficient ABEs for boolean formula of size n:
reference (static) assumption |sk| , |ct|
[A14, W14] Composite-order |sk| , |ct| = n + O(1) g.e.
![Page 45: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/45.jpg)
Conclusion
New efficient ABEs for boolean formula of size n:
reference (static) assumption |sk| , |ct|
[A14, W14] Composite-order |sk| , |ct| = n + O(1) g.e.
[Lewko 12, CLL+ 12] k-Lin |sk| , |ct| = O( (k+1)(n + O(1)) ) g.e.
![Page 46: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/46.jpg)
Conclusion
New efficient ABEs for boolean formula of size n:
reference (static) assumption |sk| , |ct|
[A14, W14] Composite-order |sk| , |ct| = n + O(1) g.e.
[Lewko 12, CLL+ 12] k-Lin |sk| , |ct| = O( (k+1)(n + O(1)) ) g.e.
[our work] k-Lin |sk| , |ct| = (k+1)(n + O(1)) g.e.
![Page 47: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/47.jpg)
Conclusion
New efficient ABEs for boolean formula of size n:
reference (static) assumption |sk| , |ct|
[A14, W14] Composite-order |sk| , |ct| = n + O(1) g.e.
[Lewko 12, CLL+ 12] k-Lin |sk| , |ct| = O( (k+1)(n + O(1)) ) g.e.
[our work] k-Lin |sk| , |ct| = (k+1)(n + O(1)) g.e.
Open problem k-Lin |sk| , |ct| = n + k + O(1) ? g.e.
![Page 48: Improved Dual System ABE in Prime-Order Groups via ...rgay/CGW15.pdf · Improved Dual System ABE in Prime-Order Groups via Predicate Encodings Jie Chen –East China Normal University,](https://reader034.fdocuments.net/reader034/viewer/2022052006/601a66e411ec2828695dcac9/html5/thumbnails/48.jpg)
Thank you!
Questions?