Chosen ciphertext secure attribute-based encryption with outsourced decryption

Abstract

Although attribute-based encryption (ABE) is a useful cryptographic tool to realize expressive access policy on ciphertexts, it is not quite suitable for mobile devices. The root cause lies in that the size of the ciphertext and the decryption cost are usually proportional to the complexity of the access policy. To solve this problem, a variant of ABE, named attribute-based encryption with outsourced decryption (OD-ABE), was proposed by Green, Hohenberger and Waters. Especially, OD-ABE allows a proxy with a transformation key delegated from the user to simplify ABE ciphertexts satisfied by the user’s attributes. On the other hand, this transformation also makes it tricky to design an OD-ABE scheme achieving the CCA security that is generally considered as the standard notion of security for a cryptosystem. However, the existing OD-ABE schemes only achieve the re-randomizable (replayable) CCA security. In this paper, we propose the CCA security model for ODABE and a concrete scheme secure in our proposed security model. We believe that this improvement on the security of OD-ABE will lead to a wider spectrum of applications.