Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST IR 8450 (Initial Public Draft)

Overview and Considerations of Access Control Based on Attribute Encryption

Date Published: May 9, 2023
Comments Due: June 23, 2023 (public comment period is CLOSED)
Email Questions to:


Vincent Hu (NIST)


Access control based on attribute encryption addresses an issue with traditional public-key encryption (PKE) wherein keys need to dynamically change whenever access policies and/or attributes change, which could cause inefficient system performance.

Access control based on attribute encryption supports fine-grained access control for encrypted data and is a cryptographic scheme that goes beyond the all-or-nothing approach of public-key encryption. This document reviews the interplay between cryptography and the access control of attribute-based encryption, including the fundamental theories on which the scheme is based; the various main algorithms of IBE, CP-ABE, and KP-ABE; and considerations for deploying access control systems based on encryption.

NOTE: A call for patent claims is included on page ii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.



access control; attribute-based access control; attribute-based encryption; authorization; encryptions; identity-based encryption; public-key encryption
Control Families

None selected


Download URL

Supplemental Material:
None available

Document History:
05/09/23: IR 8450 (Draft)
09/07/23: IR 8450 (Final)


Security and Privacy

access authorization, access control, encryption