Collusion Attacks on Decentralized Attributed-Based Encryption: Analyses and a Solution
This addresses security vulnerabilities in DABE systems, which are used for flexible access control in decentralized settings, but the solution is incremental as it builds on existing schemes.
The paper identifies a new type of collusion attack between authorities and data users in decentralized attribute-based encryption (DABE) systems, showing that six existing DABE systems are vulnerable, and proposes a model to secure one of these schemes.
Attribute-based Encryption (ABE) is an information centric security solution that moves beyond traditional restrictions of point-to-point encryption by allowing for flexible, fine-grain policy-based and content-based access control that is cryptographically enforced. As the original ABE systems are managed by a single authority, several efforts have decentralized different ABE schemes to address the key escrow problem, where the authority can issue secret keys to itself to decrypt all the ciphertext. However, decentralized ABE (DABE) schemes raise the issue of collusion attacks. In this paper, we review two existing types of collusion attacks on DABE systems, and introduce a new type of collusion among authorities and data users. We show that six existing DABE systems are vulnerable to the newly introduced collusion and propose a model to secure one of the DABE schemes.