Home Journal of Computer Science and Technology Article
Article Link
Cite
EndNote(RIS) BibTeX
Collect
Submit Manuscript
Show Outline
Outline
Abstract
Keywords
Electronic Supplementary Material
References
Show full outline
Hide outline
Regular Paper

Key-Policy Attribute-Based Encryption Based on SM9

College of Computer and Cyber Security, Fujian Normal University, Fuzhou 350117, China
Maths and Information Technology School, Yuncheng University, Yuncheng 04400, China
Artificial Intelligence Thrust, Information Hub, The Hong Kong University of Science and Technology (Guangzhou), Guangzhou 511455, China
School of Mathematics and Statistics, Fujian Normal University, Fuzhou 350117, China
Show Author Information

Abstract

Attribute-based encryption (ABE) is a type of encryption derived from identity-based encryption, implementing access control over encrypted data based on attributes rather than on specific identities. SM9 is the Chinese national standard for identity-based cryptography. This paper presents two novel key-policy attribute-based encryption (KP-ABE) designs based on SM9. The first scheme operates in a small attribute universe, while the second scheme caters to a large universe where the size of public parameters is only proportional to the maximum number of attributes used for encryption. Both schemes have a similar private-key/ciphertext structure to the original SM9 identity-based encryption algorithm, enabling effective integration into information systems built on SM9. Further, both schemes are selectively secure under the (f,g)-GDDHE assumption. Extensive experiments show that both schemes are comparable to other classical KP-ABE schemes, in terms of the communication and computational costs. We believe the proposed schemes will expedite the implementation of SM9 in distributed computing systems such as cloud computing and blockchain.

Keywords

key-policy attribute-based encryptionlarge universeSM9selective-set model

Electronic Supplementary Material

Download File(s)
JCST-2308-13726-Highlights.pdf (175.6 KB)

References

[1]
Fiat A, Naor M. Broadcast encryption. In Proc. the 13th Annual International Cryptology Conference on Advances in Cryptology, Aug. 1993, pp.480–491. DOI: 10.1007/3-540-48329-2_40.
Crossref
[2]
Sahai A, Waters B. Fuzzy identity-based encryption. In Proc. the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 2005, pp.457–473. DOI: 10.1007/11426639_27.
Crossref
[3]
Goyal V, Pandey O, Sahai A, Waters B. Attribute-based encryption for fine-grained access control of encrypted data. In Proc. the 13th ACM Conference on Computer and Communications Security, Oct. 30–Nov. 3, 2006, pp.89–98. DOI: 10.1145/1180405.1180418.
Crossref
[4]

Lai J C, Huang X Y, He D B. An efficient identity-based broadcast encryption scheme based on SM9. Chinese Journal of Computers, 2021, 44(5): 897–907. DOI: 10.11897/SP.J.1016.2021.00897. (in Chinese)

Google Scholar
[5]

Sun S, Ma H, Zhang R, Xu W. Server-aided immediate and robust user revocation mechanism for SM9. Cybersecurity, 2022, 3(1): Article No. 12. DOI: 10.1186/S42400-020-00054-6.

Crossref Google Scholar
[6]
Cheng Z. Security analysis of SM9 key agreement and encryption. In Proc. the 14th International Conference on Information Security and Cryptology, Dec. 2018, pp.3–25. DOI: 10.1007/978-3-030-14234-6_1.
Crossref
[7]
Fujisaki E, Okamoto T. Secure integration of asymmetric and symmetric encryption schemes. In Proc. the 19th Annual International Cryptology Conference on Advances in Cryptology, Aug. 1999, pp.537–554. DOI: 10.1007/3-540-48405-1_34.
Crossref
[8]
Boneh D, Boyen X. Efficient selective-ID secure identity-based encryption without random oracles. In Proc. the 2004 International Conference on the Theory and Applications of Cryptographic Techniques, May 2004, pp.223–238. DOI: 10.1007/978-3-540-24676-3_14.
Crossref
[9]
Shamir A. Identity-based cryptosystems and signature schemes. In Advances in Cryptology, Blakley G R, Chaum D (eds.), Springer, 1985, pp.47–53. DOI: 10.1007/3-540-39568-7_5.
Crossref
[10]
Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In Proc. the 21st Annual International Cryptology Conference on Advances in Cryptology, Aug. 2001, pp.213–229. DOI: 10.1007/3-540-44647-8_13.
Crossref
[11]
Canetti R, Halevi S, Katz J. A forward-secure public-key encryption scheme. In Proc. the 2003 International Conference on the Theory and Applications of Cryptographic Techniques, May 2003, pp.255–271. DOI: 10.1007/3-540-39200-9_16.
Crossref
[12]

Park J H, Lee K, Lee D H. New chosen-ciphertext secure identity-based encryption with tight security reduction to the bilinear Diffie-Hellman problem. Information Sciences, 2015, 325: 256–270. DOI: 10.1016/J.INS.2015.07.011.

Crossref Google Scholar
[13]

Ma S. Identity-based encryption with outsourced equality test in cloud computing. Information Sciences, 2016, 328: 389–402. DOI: 10.1016/J.INS.2015.08.053.

Crossref Google Scholar
[14]
Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In Proc. the 2007 IEEE Symposium on Security and Privacy, May 2007, pp.321–334. DOI: 10.1109/SP.2007.11.
Crossref
[15]
Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In Proc. the 14th ACM Conference on Computer and Communications Security, Oct. 31–Nov. 2, 2007, pp.195–203. DOI: 10.1145/1315245.1315270.
Crossref
[16]
Garg S, Gentry C, Halevi S, Sahai A, Waters B. Attribute-based encryption for circuits from multilinear maps. In Proc. the 33rd Annual Cryptology Conference on Advances in Cryptology, Aug. 2013, pp.479–499. DOI: 10.1007/978-3-642-40084-1_27.
Crossref
[17]
Tiplea F L, Drăgan C C. Key-policy attribute-based encryption for Boolean circuits from bilinear maps. In Proc. the 1st International Conference on Cryptography and Information Security in the Balkans, Oct. 2014, pp.175–193. DOI: 10.1007/978-3-319-21356-9_12.
Crossref
[18]
Drăgan C C, Tiplea F L. Key-policy attribute-based encryption for general Boolean circuits from secret sharing and multi-linear maps. In Proc. the 2nd International Conference on Cryptography and Information Security in the Balkans, Sept. 2015, pp.112–133. DOI: 10.1007/978-3-319-29172-7_8.
Crossref
[19]

Hu P, Gao H. A key-policy attribute-based encryption scheme for general circuit from bilinear maps. International Journal of Network Security, 2017, 19(5): 704–710. DOI: 10.6633/IJNS.201709.19(5).07.

Crossref Google Scholar
[20]

Bolocan D. Key-policy attribute-based encryption scheme for general circuits. Proceedings of the Romanian Academy, Series A-Mathematics Physics Technical Sciences Information Science, 2020, 21(1): 11–19.

Google Scholar
[21]

Li C, Shen Q, Xie Z, Dong J, Feng X, Fang Y, Wu Z. Hierarchical and non-monotonic key-policy attribute-based encryption and its application. Information Sciences, 2022, 611: 591–627. DOI: 10.1016/J.INS.2022.08.014.

Crossref Google Scholar
[22]
Lewko A, Waters B. Unbounded HIBE and attribute-based encryption. In Proc. the 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 2011, pp.547–567. DOI: 10.1007/978-3-642-20465-4_30.
Crossref
[23]
Lewko A. Tools for simulating features of composite order bilinear groups in the prime order setting. In Proc. the 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Apr. 2012, pp.318–335. DOI: 10.1007/978-3-642-29011-4_20.
Crossref
[24]
Okamoto T, Takashima K. Fully secure unbounded inner-product and attribute-based encryption. In Proc. the 18th International Conference on the Theory and Application of Cryptology and Information Security, Dec. 2012, pp.349–366. DOI: 10.1007/978-3-642-34961-4_22.
Crossref
[25]

Ma H, Peng T, Liu Z. Directly revocable and verifiable key-policy attribute-based encryption for large universe. International Journal of Network Security, 2017, 19(2): 272–284. DOI: 10.6633/IJNS.201703.19(2).12.

Crossref Google Scholar
[26]
Ye Y, Cao Z, Shen J. Unbounded key-policy attribute-based encryption with black-box traceability. In Proc. the 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Dec. 29–Jan. 1, 2020, pp.1655–1663. DOI: 10.1109/TrustCom50675.2020.00228.
Crossref
[27]
Attrapadung N, Libert B, de Panafieu E. Expressive key-policy attribute-based encryption with constant-size ciphertexts. In Proc. the 14th International Conference on Practice and Theory in Public Key Cryptography, Mar. 2011, pp.90–108. DOI: 10.1007/978-3-642-19379-8_6.
Crossref
[28]
Hohenberger S, Waters B. Attribute-based encryption with fast decryption. In Proc. the 16th International Conference on Practice and Theory in Public-Key Cryptography, Feb. 26–Mar. 1, 2013, pp.162–179. DOI: 10.1007/978-3-642-36362-7_11.
Crossref
[29]
Lai J, Deng R H, Li Y, Weng J. Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption. In Proc. the 9th ACM Symposium on Information, Computer and Communications Security, Jun. 2014, pp.239–248. DOI: 10.1145/2590296.2590334.
Crossref
[30]
Zhang K, Gong J, Tang S, Chen J, Li X, Qian H, Cao Z. Practical and efficient attribute-based encryption with constant-size ciphertexts in outsourced verifiable computation. In Proc. the 11th ACM on Asia Conference on Computer and Communications Security, May 30–Jun. 3, 2016, pp.269–279. DOI: 10.1145/2897845.2897858.
Crossref
[31]
Kim J, Susilo W, Guo F, Au M H, Nepal S. An efficient KP-ABE with short ciphertexts in prime OrderGroups under standard assumption. In Proc. the 2017 ACM on Asia Conference on Computer and Communications Security, Apr. 2017, pp.823–834. DOI: 10.1145/3052973.3053003.
Crossref
[32]

Rao Y S, Dutta R. Computational friendly attribute-based encryptions with short ciphertext. Theoretical Computer Science, 2017, 668: 1–26. DOI: 10.1016/J.TCS.2016.12.030.

Crossref Google Scholar
[33]

Obiri I A, Xia Q, Xia H, Obour Agyekum K O B, Asamoah K O, Sifah E B, Zhang X, Gao J. A fully secure KP-ABE scheme on prime-order bilinear groups through selective techniques. Security and Communication Networks, 2020, 2020: 8869057. DOI: 10.1155/2020/8869057.

Crossref Google Scholar
[34]

Boucenna F, Nouali O, Kechid S, Tahar Kechadi M. Secure inverted index based search over encrypted cloud data with user access rights management. Journal of Computer Science and Technology, 2019, 34(1): 133–154. DOI: 10.1007/S11390-019-1903-2.

Crossref Google Scholar
[35]

Xue L, Yu Y, Li Y, Au M H, Du X, Yang B. Efficient attribute-based encryption with attribute revocation for assured data deletion. Information Sciences, 2019, 479: 640–650. DOI: 10.1016/J.INS.2018.02.015.

Crossref Google Scholar
[36]
You L, Wang L. Hierarchical authority key-policy attribute-based encryption. In Proc. the 16th International Conference on Communication Technology (ICCT), Oct. 2015, pp.868–872. DOI: 10.1109/ICCT.2015.7399963.
Crossref
[37]

Lai J, Huang X, He D, Guo F. An efficient hierarchical identity-based encryption based on SM9. SCIENTIA SINICA Informationis, 2023, 53(5): 918–930. DOI: 10.1360/SSI-2022-0163. (in Chinese)

Crossref Google Scholar
[38]

Tang F, Ling G W, Shan J Y. Additive homomorphic encryption schemes based on SM2 and SM9. Journal of Cryptologic Research, 2022, 9(3): 535–549. DOI: 10.13868/j.cnki.jcr.000532. (in Chinese)

Google Scholar
[39]

Shi Y, Ma Z, Qin R, Wang X, Wei W, Fan H. Implementation of an attribute-based encryption scheme based on SM9. Applied Sciences, 2019, 9(15): 3074. DOI: 10.3390/app9153074.

Crossref Google Scholar
[40]

Ji H, Zhang H, Shao L, He D, Luo M. An efficient attribute-based encryption scheme based on SM9 encryption algorithm for dispatching and control cloud. Connection Science, 2021, 33(4): 1094–1115. DOI: 10.1080/09540091.2020.1858757.

Crossref Google Scholar
[41]
Chen L, Cheng Z. Security proof of Sakai-Kasahara's identity-based encryption scheme. In Proc. the 10th IMA International Conference on Cryptography and Coding, Dec. 2005, pp.442–459. DOI: 10.1007/11586821_29.
Crossref
[42]
Delerablée C. Identity-based broadcast encryption with constant size ciphertexts and private keys. In Proc. the 13th International Conference on the Theory and Application of Cryptology and Information Security, Dec. 2007, pp.200–215. DOI: 10.1007/978-3-540-76900-2_12.
Crossref
[43]
Boneh D, Boyen X, Goh E J. Hierarchical identity based encryption with constant size ciphertext. In Proc. the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, May 2005, pp.440–456. DOI: 10.1007/11426639_26.
Crossref
Journal of Computer Science and Technology
Volume 40 Issue 1,
February 2025
Pages 267-282
DOI: 10.1007/s11390-024-3726-z
Cite this article:
Liu X-H, Huang X-Y, Wu W, et al. Key-Policy Attribute-Based Encryption Based on SM9. Journal of Computer Science and Technology, 2025, 40(1): 267-282. https://doi.org/10.1007/s11390-024-3726-z
Metrics & Citations  
Article History
Copyright
Return