This is a potential security issue, you are being redirected to https://csrc.nist.gov.
Abstract. In this talk, we will discuss the developments in the field of (multi-authority) attribute-based encryption (ABE) that we feel are applicable to the NIST call for threshold schemes. Ciphertext-policy attribute-based encryption (CP-ABE) is a type of public-key encryption that associates the secret keys with attribute sets and the ciphertexts with policies. In particular, the policy dictates who is granted access to the plaintext. Although most proposed CP-ABE schemes employ a single authority to generate the secret keys, variants exist that allow multiple authorities to generate the secret keys for users. This type of CP-ABE is called multi-authority ABE (MA-ABE). A notable advantage of MA-ABE is that it does not have a single point of failure, both in terms of security and availability. It has therefore been considered extensively for various practical settings. Within the subfield of MA-ABE, there exist different flavors of schemes in terms of correctness and security. In particular, an important distinction is whether the access structure that dictates the thresholdization among the authorities is applied in the master secret keys (upon setup) or in the ciphertexts. Applying the thresholdization in the ciphertexts generally provides more flexibility, as it allows encrypting users to determine the thresholdization based on their requirements. Furthermore, it allows authorities to join or leave the system at any point in time, without requiring that new master secret keys are generated. Another distinction is in whether the authorities can manage different sets of attributes. An advantage of this is that MA-ABE can be applied in settings with multiple trust domains, e.g., medical settings with hospitals, insurance companies and research institutes. With this talk, we intend to inform potential submitters of these different types of MA-ABE and why it is important to consider these differences in the NIST call for threshold schemes.
Security and Privacy: cryptography