Efficient single round attribute-based authenticated key exchange protocol

IF 0.9 Q3 COMPUTER SCIENCE, THEORY & METHODS
Suvradip Chakraborty, Y. S. Rao, C. Rangan
Publication type: Journal Article
Publication date: 2021-01-28
DOI: 10.1080/23799927.2021.1873192 (https://doi.org/10.1080/23799927.2021.1873192)
Citations: 1

Abstract

Attribute-Based Authenticated Key Exchange (ABAKE) protocols allow two or more users to establish a shared key and achieve mutual authentication over an insecure network, while providing fine-grained access control over transmitted data. The existing ABAKE protocols are very inefficient, requiring a large number (polynomial in the size of the access policies) of pairing and exponentiation operations. This presents a major hindrance to the real-world deployment of these protocols. In this work, we present a construction of an ABAKE protocol where the number of pairing operations is constant (to be precise, only 7) and the number of exponentiation operations is linear in the number of clauses in the disjunctive normal form representing the general access policies. To this end, we construct an Attribute-Based Signcryption (ABSC) scheme with a constant number of pairings, and use it as the main building block in our ABAKE construction. This also gives the first construction of ABSC schemes with a constant number of pairings for general-purpose access policies in the standard model. Another important and desirable feature of our ABAKE construction is that it is round-optimal, i.e. it is a single-round protocol. We analyse the security of our ABAKE construction in the Attribute-Based extended Canetti-Krawczyk (ABeCK) model, and prove its security assuming the hardness of a variant of the Bilinear Diffie-Hellman Exponent problem in the random oracle model.
Source journal: International Journal of Computer Mathematics: Computer Systems Theory
Subject category: Computer Science-Computational Theory and Mathematics
CiteScore: 1.80
Self-citation rate: 0.00%
Articles published: 11