Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Overview and Considerations of Access Control Based on Attribute Encryption: NIST IR 8450 Draft is Available for Public Comment
May 09, 2023

NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption, is now available for public review and comment.

Access control based on attribute encryption addresses an issue with traditional public-key encryption (PKE) wherein keys need to dynamically change whenever access policies and/or attributes change, which could cause inefficient system performance.

Access control based on attribute encryption supports fine-grained access control for encrypted data and is a cryptographic scheme that goes beyond the all-or-nothing approach of public-key encryption. This document reviews the interplay between cryptography and the access control of attribute-based encryption, including the fundamental theories on which the scheme is based; the various main algorithms of IBE, CP-ABE, and KP-ABE; and considerations for deploying access control systems based on encryption.

The public comment period is open through June 23, 2023. See the publication details for a copy of the draft and instructions for submitting comments.


NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Related Topics

Security and Privacy: access authorization, access control, encryption

Created May 05, 2023, Updated May 09, 2023