PIRATTE: Proxy-based Immediate Revocation of ATTribute-based Encryption

Package: piratte.zip
License: GPL
Developers: Sonia Jahid, Nikita Borisov (advisory role)
Contact: sjahid2@illinois.edu
Added to ACSC: August 24, 2012
Last updated: August 24, 2012

Description

This toolkit provides an implementation of the Proxy-based Immediate Revocation of ATTribute-based Encryption (PIRATTE) system by Sonia Jahid and Nikita Borisov. PIRATTE is a revocation scheme for the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) system due to Bethencourt, Sahai, and Waters.

Revocation in CP-ABE is challenging because most existing approaches rely on key expiration, re-keying every user, and/or re-encrypting existing ciphertexts. A key and novel feature of the PIRATTE architecture is that access can be removed from a user without issuing new keys to other users or re-encrypting existing ciphertexts. We achieve this by introducing a proxy that participates in the decryption process and enforces revocation constraints. The proxy is minimally trusted: it cannot decrypt ciphertexts or provide access to previously revoked users.

The code uses the PBC library. Like the CP-ABE toolkit, it is split into two packages: libbswabe-piratte (the library with the core implementation) and piratte (the higher-level implementation and interface). Please install the library first.

Thanks to Prateek Mittal for helping with this project.

Documentation

To try the toolkit, please refer to the README included in the .zip file.

Bugs and Limitations

None known.

Papers

The scheme is implemented as described in the following papers.