Fuzzy Identity Based Encryption with a flexible threshold value

Document Type : Research Paper


1 Department of Engineering,North Tehran Branch,Islamic Azad University,Tehran,Iran

2 Department of Engineering, North Tehran Branch, Islamic Azad University, Tehran, Iran

3 Department of Mathematics and Computer Science, Shahed University, Tehran, Iran

4 Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran


In recent years, the problem of online data and information security has been increasingly serious and prevalent.  Security issues are resolved via cryptography.  Access control over the encrypted messages is necessary for some applications, therefore message encryption cannot simply achieve the stated aims. To achieve these requirements, attribute-based encryption (ABE) is used. This type of encryption provides both security and access structure for the network users simultaneously. Fuzzy Identity-Based Encryption (FIBE) is a special mode of ABE that provides a threshold access structure for the users. This threshold value is set by the authority for users, which is always fixed and cannot be changed. So, the sender (encryptor) will not play a role in determining the threshold value. The mentioned issue exists also in Key Policy Attribute Based Encryption (KP-ABE) schemes. In this paper, we present a FIBE scheme in addition to the authority, the sender also plays a role in determining the threshold value. Thus, the policy will be more flexible than previous FIBE schemes in that the threshold value is selected only by the authority. We can call the proposed scheme a dual-policy ABE. The proposed technique for flexibility of threshold value can be applied in most of exist KP-ABE schemes. We use the (indistinguishable) selective security model for a security proof. The hardness assumption that we use is the modified bilinear decision Diffie-Hellman problem.


[1]         A. Sahai and B. Waters, “Fuzzy identity-based encryption,” in Annual international conference on the theory and applications of cryptographic techniques, vol. 3494, Springer Verlag, 2005, pp. 457–473, doi:10.1007/11426639_27/COVER.
[2]         S. Belguith, N. Kaaniche, and G. Russello, “PU-ABE: Lightweight attribute-based encryption supporting access policy update for cloud assisted IoT,” ICETE 2018 - Proc. 15th Int. Jt. Conf. E-bus. Telecommun., vol. 2, pp. 135–146, 2018, doi: 10.5220/0006854601350146.
[3]         S. Y. Tan, K. W. Yeow, and S. O. Hwang, “Enhancement of a Lightweight Attribute-Based Encryption Scheme for the Internet of Things,” IEEE Internet Things J., vol. 6, no. 4, pp. 6384–6395, Aug. 2019, doi: 10.1109/JIOT.2019.2900631.
[4]         H. Li, K. Yu, B. Liu, C. Feng, Z. Qin, and G. Srivastava, “An Efficient Ciphertext-Policy Weighted Attribute-Based Encryption for the Internet of Health Things,” IEEE J. Biomed. Heal. Informatics, vol. 26, no. 5, pp. 1949–1960, May 2022, doi: 10.1109/JBHI.2021.3075995.
[5]         M. M. Oliaiy, M. H. Ameri, J. Mohajeri, and M. R. Aref, “A Verifiable Delegated Set Intersection without pairing,” 2017 25th Iran. Conf. Electr. Eng. ICEE 2017, pp. 2047–2051, Jul. 2017, doi: 10.1109/IranianCEE.2017.7985395.
[6]         V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” Proc. ACM Conf. Comput. Commun. Secur., pp. 89–98, 2006, doi: 10.1145/1180405.1180418.
[7]     S. Agrawal, X. Boyen, V. Vaikuntanathan, P. Voulgaris, and H. Wee, “Functional encryption for threshold functions (or fuzzy IBE) from lattices,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 7293 LNCS, pp. 280–297, 2012, doi: 10.1007/978-3-642-30057-8_17.
[8]     S. Gorbunov, V. Vaikuntanathan, and H. Wee, “Attribute-based encryption for circuits,” J. ACM, vol. 62, no. 6, Dec. 2015, doi: 10.1145/2824233.
[9]     Y. S. Rao and R. Dutta, “Computational friendly attribute-based encryptions with short ciphertext,” Theor. Comput. Sci., vol. 668, pp. 1–26, March 2017, doi: 10.1016/j.tcs.2016.12.030.
[10]   M. M. Oliaee, M. Delavar, M. H. Ameri, J. Mohajeri, and M. R. Aref, “On the Security of O-PSI a Delegated Private Set Intersection on Outsourced Datasets,” 2017 14th Int. ISC (Iranian Soc. Cryptology) Conf. Inf. Secur. Cryptology, Isc. 2017, pp. 77–81, Oct. 2018, doi: 10.1109/ISCISC.2017.8488358.
[11]   M. Mahdavi Oliaee, M. Delavar, M. H. Ameri, J. Mohajeri, and M. R. Aref, “On the Security of O-PSI: A Delegated Private Set Intersection on Outsourced Datasets (Extended Version),” ISC Int. J. Inf. Secur., vol. 10, no. 2, pp. 117–127, Jul. 2018, doi: 10.22042/ISECURE.2018.120860.410.
[12]   Y. Yu, J. Shi, H. Li, Y. Li, X. Du, and M. Guizani, “Key-policy attribute-based encryption with keyword search in virtualized environments,” IEEE J. Sel. Areas Commun., vol. 38, no. 6, pp. 1242–1251, June 2020, doi: 10.1109/JSAC.2020.2986620.
[13]   J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” Proc. - IEEE Symp. Secur. Priv., pp. 321–334, 2007, doi: 10.1109/SP.2007.11.
[14]   B. Waters, “Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 6571 LNCS, pp. 53–70, 2011, doi: 10.1007/978-3-642-19379-8_4.
[15]   M. Ali, J. Mohajeri, M. R. Sadeghi, and X. Liu, “A fully distributed hierarchical attribute-based encryption scheme,” Theor. Comput. Sci., vol. 815, pp. 25–46, May 2020, doi: 10.1016/j.tcs.2020.02.030.
[16]   N. Attrapadung and H. Imai, “Dual-policy attribute based encryption,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5536 LNCS, 2009, pp. 168–185. doi: 10.1007/978-3-642-01957-9_11.
[17]   R. Ostrovsky, A. Sahai, and B. Waters, “Attribute-based encryption with non-monotonic access structures,” Proc. ACM Conf. Comput. Commun. Secur., pp. 195–203, 2007, doi: 10.1145/1315245.1315270.
[18]   D. Boneh et al., “Fully key-homomorphic encryption, arithmetic circuit ABE and compact garbled circuits,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 8441 LNCS, pp. 533–556, 2014, doi: 10.1007/978-3-642-55220-5_30.
[19]   M. M. Oliaee and Z. Ahmadian, “Ciphertext Policy Attribute Based Encryption for Arithmetic circuits,” eprint.iacr.org, pp. 1–9, Accessed: Jan. 14, 2023. [Online]. Available: https://eprint.iacr.org/2021/003
[20]   M. MahdaviOliaee and Z. Ahmadian, “Fine-grained flexible access control: ciphertext policy attribute based encryption for arithmetic circuits,” J. Comput. Virol. Hacking Tech., 2022, doi: 10.1007/s11416-022-00459-6.
[21]   M. Green, S. Hohenberger, and B. Waters, “Outsourcing the decryption of ABE ciphertexts,” Proc. 20th USENIX Secur. Symp., pp. 523–538, 2011, Accessed: Jan. 14, 2023. [Online]. Available: https://www.usenix.org/conference/usenix-security-11/outsourcing-decryption-abe-ciphertexts
[22]   M. Chase, “Multi-authority attribute based encryption,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 4392 LNCS, pp. 515–534, 2007, doi: 10.1007/978-3-540-70936-7_28.
[23]   R. Zhang, J. Li, Y. Lu, J. Han, and Y. Zhang, “Key escrow-free attribute based encryption with user revocation,” Inf. Sci. (Ny)., vol. 600, pp. 59–72, July 2022, doi: 10.1016/j.ins.2022.03.081.
[24]   E. S. Zhuang, C. I. Fan, and I. H. Kuo, “Multiauthority Attribute-Based Encryption With Dynamic Membership From Lattices,” IEEE Access, vol. 10, pp. 58254–58267, 2022, doi: 10.1109/ACCESS.2022.3179110.
[25]   X. Zhang, F. Wu, W. Yao, Z. Wang, and W. Wang, “Multi-authority attribute-based encryption scheme with constant-size ciphertexts and user revocation,” Concurr. Comput. Pract. Exp., vol. 31, no. 21, Nov. 2019, doi: 10.1002/cpe.4678.
[26]   N. Attrapadung, B. Libert, and E. De Panafieu, “Expressive key-policy attribute-based encryption with constant-size ciphertexts,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 6571 LNCS, pp. 90–108, 2011, doi: 10.1007/978-3-642-19379-8_6.
[27]   N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. De Panafieu, and C. Ràfols, “Attribute-based encryption schemes with constant-size ciphertexts,” Theor. Comput. Sci., vol. 422, pp. 15–38, March 2012, doi: 10.1016/j.tcs.2011.12.004.
[28]   J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 7, pp. 1214–1221, July 2011, doi: 10.1109/TPDS.2010.203.
[29]   K. Lee, S. G. Choi, D. H. Lee, J. H. Park, and M. Yung, “Self-updatable encryption: Time constrained access control with hidden attributes and better efficiency,” Theor. Comput. Sci., vol. 667, pp. 51–92, March 2017, doi: 10.1016/j.tcs.2016.12.027.
[30]   P. Dutta, W. Susilo, D. H. Duong, and P. S. Roy, “Puncturable identity-based and attribute-based encryption from lattices,” Theor. Comput. Sci., vol. 929, pp. 18–38, Sept. 2022, doi: 10.1016/J.TCS.2022.06.028.
[31]   C. Ge, W. Susilo, J. Baek, Z. Liu, J. Xia, and L. Fang, “Revocable Attribute-Based Encryption with Data Integrity in Clouds,” IEEE Trans. Dependable Secur. Comput., vol. 19, no. 5, pp. 2864–2872, Sept.-Oct. 2022, doi: 10.1109/TDSC.2021.3065999.
[32]   S. Deng, G. Yang, W. Dong, and M. Xia, “Flexible revocation in ciphertext-policy attribute-based encryption with verifiable ciphertext delegation,” Multimed. Tools Appl., 2022, doi: 10.1007/s11042-022-13537-0.
[33]   Z. Liu and D. S. Wong, “Practical attribute-based encryption: Traitor tracing, revocation and large universe,” Comput. J., vol. 59, no. 7, pp. 983–1004, July 2016, doi: 10.1093/comjnl/bxv101.
[34]   M. Venema, G. Alpár, and J. H. Hoepman, “Systematizing core properties of pairing-based attribute-based encryption to uncover remaining challenges in enforcing access control in practice,” Des. Codes, Cryptogr., Jan. 2022, doi: 10.1007/s10623-022-01093-5..