Two-party round-optimal session-policy attribute-based authenticated key exchange without random oracles

Abstract

In this paper, we propose a new one-round session-policy attribute-based (implicitly) authenticated key exchange (SP-ABAKE) scheme which allows expressive access controls and is secure in the standard model (StdM). Our scheme enjoys the best of both worlds: efficiency and security. The number of rounds is one (optimal) while the known secure scheme in the StdM is not one-round protocol. Our scheme is comparable in communication complexity with the most efficient known scheme whereas it cannot be proved in the StdM. Also, our scheme is proved to satisfy security against advanced attacks like key compromise impersonation under a non-interactive number-theoretic assumption. We construct our scheme based on Waters' ciphertext-policy attribute-based encryption with the generic conversion technique to the CCA-security from the CPA-security. © 2012 Springer-Verlag.