Removing escrow from ciphertext policy attribute-based encryption

Junbeom Hur, Dongyoung Koo, Seong Oun Hwang, Kyungtae Kang

Research output: Contribution to journalArticlepeer-review

21 Citations (Scopus)


Attribute-based encryption (ABE) is a promising cryptographic primitive for fine-grained access control of distributed data. In ciphertext policy attribute-based encryption (CP-ABE), each user is associated with a set of attributes and data are encrypted with access policies on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the access policy embedded in the ciphertext. However, key escrow is inherent in ABE systems. A curious key generation center in that construction has the power to decrypt every ciphertext. We found that most of the existing ABE schemes depending on a single key authority suffer from the key escrow problem. In this study, we propose a novel CP-ABE key issuing architecture that solves the key escrow problem. The proposed scheme separates the power of issuing user keys into two parties: the key generation center and the attribute authority. In the proposed construction, the key generation center and the attribute authority issue different parts of secret key components to users through a secure two-party computation protocol such that none of them can determine the whole set of keys of users individually. We demonstrate how the proposed key issuing protocol can be applied in the existing CP-ABE scheme and resolve the key escrow problem.

Original languageEnglish
Pages (from-to)1310-1317
Number of pages8
JournalComputers and Mathematics with Applications
Issue number9
Publication statusPublished - 2013 May
Externally publishedYes


  • Access control
  • Attribute based encryption
  • Ciphertext policy
  • Privacy
  • Removing escrow

ASJC Scopus subject areas

  • Modelling and Simulation
  • Computational Theory and Mathematics
  • Computational Mathematics


Dive into the research topics of 'Removing escrow from ciphertext policy attribute-based encryption'. Together they form a unique fingerprint.

Cite this