abenc_maabe_yj14

Multi-Authority ABE for Cloud Storage (YJ14)

Authors: Kan Yang, Xiaohua Jia

Title: “Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage”

Published in: IEEE Transactions on Parallel and Distributed Systems, Volume 25, Issue 7, 2014

Available from: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6620875

Notes: Supports expressive access policies with efficient revocation

Scheme Properties

• Type: ciphertext-policy attribute-based encryption (public key)

• Setting: Pairing groups

• Assumption: Decisional Bilinear Diffie-Hellman

Implementation

Authors:

artjomb

Date:

07/2014

class abenc_maabe_yj14.MAABE(groupObj)

Bases: object

ctupdate(GPP, CT, attribute, UKc)

Updates the cipher-text using the update key, because of the revoked attribute (executed by cloud provider)

decrypt(GPP, CT, user)

Decrypts the content(-key) from the cipher-text (executed by user/content consumer)

encrypt(GPP, policy_str, k, authority)

Generate the cipher-text from the content(-key) and a policy (executed by the content owner)

group

Prime order group

keygen(GPP, authority, attribute, userObj, USK=None)

Generate user keys for a specific attribute (executed on attribute authority)

registerUser(GPP)

Generate user keys (executed by the user).

setup()

Global Setup (executed by CA)

setupAuthority(GPP, authorityid, attributes, authorities)

Generate attribute authority keys (executed by attribute authority)

skupdate(USK, attribute, UKs)

Updates the user attribute secret key for the specified attribute (executed by non-revoked user)

ukeygen(GPP, authority, attribute, userObj)

Generate update keys for users and cloud provider (executed by attribute authority?)

abenc_maabe_yj14.basicTest()

abenc_maabe_yj14.revokedTest()

abenc_maabe_yj14.test()