TY - JOUR
T1 - Systematizing core properties of pairing-based attribute-based encryption to uncover remaining challenges in enforcing access control in practice
AU - Venema, Marloes
AU - Alpár, Greg
AU - Hoepman, Jaap Henk
N1 - Funding Information:
The authors would like to thank Lejla Batina and Jan Schoone, as well as the anonymous reviewers for helpful comments and suggestions.
Publisher Copyright:
© 2022, The Author(s).
PY - 2023/1
Y1 - 2023/1
N2 - Attribute-based encryption (ABE) cryptographically implements fine-grained access control on data. As such, data can be stored by an entity that is not necessarily trusted to enforce access control, or an entity that is not even trusted to have access to the plaintext data at all. Instead, access control can be externally enforced by a trusted entity. Additionally, some multi-authority variants of ABE—which do not have a central authority—can effectively and securely implement access control in multiple-domain settings. Furthermore, ABE is the only cryptographic approach to fine-grained access control that does not require an online trusted third party during access requests, and thus provides better availability properties. The actual realization of these theoretical advantages in practice depends on whether current state-of-the-art ABE schemes support the necessary core properties. Much progress has been made in the last two decades in pairing-based ABE schemes, owing to their versatility and efficiency. In fact, it is possible to support most core properties under strong security guarantees, while incurring acceptable storage and computational costs. It is therefore a good time to ask ourselves whether pairing-based ABE has reached its full practical potential. To answer this question, we provide a comprehensive systematized overview of various existing pairing-based ABE schemes and their core properties. We also investigate the relationship between these core properties and real-world access control requirements. We show that a few challenges remain, that must be overcome for ABE to reach its full potential as a mechanism to implement efficient and secure access control in practice.
AB - Attribute-based encryption (ABE) cryptographically implements fine-grained access control on data. As such, data can be stored by an entity that is not necessarily trusted to enforce access control, or an entity that is not even trusted to have access to the plaintext data at all. Instead, access control can be externally enforced by a trusted entity. Additionally, some multi-authority variants of ABE—which do not have a central authority—can effectively and securely implement access control in multiple-domain settings. Furthermore, ABE is the only cryptographic approach to fine-grained access control that does not require an online trusted third party during access requests, and thus provides better availability properties. The actual realization of these theoretical advantages in practice depends on whether current state-of-the-art ABE schemes support the necessary core properties. Much progress has been made in the last two decades in pairing-based ABE schemes, owing to their versatility and efficiency. In fact, it is possible to support most core properties under strong security guarantees, while incurring acceptable storage and computational costs. It is therefore a good time to ask ourselves whether pairing-based ABE has reached its full practical potential. To answer this question, we provide a comprehensive systematized overview of various existing pairing-based ABE schemes and their core properties. We also investigate the relationship between these core properties and real-world access control requirements. We show that a few challenges remain, that must be overcome for ABE to reach its full potential as a mechanism to implement efficient and secure access control in practice.
KW - Access control
KW - Attribute-based encryption
KW - Systematization of knowledge
UR - http://www.scopus.com/inward/record.url?scp=85137784444&partnerID=8YFLogxK
U2 - 10.1007/s10623-022-01093-5
DO - 10.1007/s10623-022-01093-5
M3 - Article
AN - SCOPUS:85137784444
SN - 0925-1022
VL - 91
SP - 165
EP - 220
JO - Designs, Codes, and Cryptography
JF - Designs, Codes, and Cryptography
IS - 1
ER -