Improving privacy and security in decentralized ciphertext-policy attribute-based encryption

Jinguang Han, Willy Susilo, Yi Mu, Jianying Zhou, Man Ho Allen Au

Research output: Journal article publicationJournal articleAcademic researchpeer-review

147 Citations (Scopus)


In previous privacy-preserving multiauthority attribute-based encryption (PPMA-ABE) schemes, a user can acquire secret keys from multiple authorities with them knowing his/her attributes and furthermore, a central authority is required. Notably, a user's identity information can be extracted from his/her some sensitive attributes. Hence, existing PPMA-ABE schemes cannot fully protect users' privacy as multiple authorities can collaborate to identify a user by collecting and analyzing his attributes. Moreover, ciphertext-policy ABE (CP-ABE) is a more efficient public-key encryption, where the encryptor can select flexible access structures to encrypt messages. Therefore, a challenging and important work is to construct a PPMA-ABE scheme where there is no necessity of having the central authority and furthermore, both the identifiers and the attributes can be protected to be known by the authorities. In this paper, a privacy-preserving decentralized CP-ABE (PPDCP-ABE) is proposed to reduce the trust on the central authority and protect users' privacy. In our PPDCP-ABE scheme, each authority can work independently without any collaboration to initial the system and issue secret keys to users. Furthermore, a user can obtain secret keys from multiple authorities without them knowing anything about his global identifier and attributes.
Original languageEnglish
Article number6987293
Pages (from-to)665-678
Number of pages14
JournalIEEE Transactions on Information Forensics and Security
Issue number3
Publication statusPublished - 1 Mar 2015


  • CP-ABE
  • decentralization
  • privacy

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Improving privacy and security in decentralized ciphertext-policy attribute-based encryption'. Together they form a unique fingerprint.

Cite this