Multi-Authority ABE: Constructions and Applications
Beverly Li
Hunan University
SWS Colloquium
Beverly Li received her Ph.D. from Shanghai Jiaotong University in 2007, and is an assistant professor at Hunan University.
Her research interests are in security, networking, and computer systems.
Attribute-based Encryption(ABE) is a form of asymmetric cryptography
that allows encryption over labels named “attributes”. In an ABE
scheme, an “authority” generates public parameters and secrets and
assigns attributes (and associated secrets) to users. Data can be
encrypted using formulas over attributes; users can decrypt if they
have attribute secrets that satisfy the encryption formula.
In this talk, I will discuss an extension to ABE that allows
encryption over attributes provided by multiple authorities. Such a
scheme enables secure data sharing between otherwise distrusting
organizations. I will discuss example scenarios where multi-authority
ABE is useful, and describe one new construction of multi-authority
ABE scheme named DMA.
In DMA, a data owner is a first class principal: users in the system
get attributes in cooperation with the data owner and various
authorities. Compared to previous work, DMA does not require a global
identity for users, or require the multiple authorities to trust a
single central authority. DMA is also immune to collusion attacks
mounted by users and authorities.