As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumesHierarchical Identity-Based Encryption (HIBE).

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Michel Abdalla, Dario Catalano, Alexander W. Dent,John Malone-Lee,Gregory Neven, and Nigel P. Smart. Identity-based encryption gone wild. In Michele Bugliesi,Bart Preneel,Vladimiro Sassone,and Ingo Wegener, editors, ICALP (2)volume 4052 of Lecture Notes in Computer Science pages 300--311. Springer, 2006.
	2	S. G. Akl and P. D. Taylor. Cryptographic Solution to a Multi Level Security Problem.In Advances in Cryptology -- CRYPTO 1982.
	3	A. Beimel. Secure Schemes for Secret Sharing and Key Distribution PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel, 1996.
	4	Mihir Bellare , Phillip Rogaway, Random oracles are practical: a paradigm for designing efficient protocols, Proceedings of the 1st ACM conference on Computer and communications security, p.62-73, November 03-05, 1993, Fairfax, Virginia, United States  [doi>10.1145/168588.168596]
	5	Josh Cohen Benaloh , Jerry Leichter, Generalized Secret Sharing and Monotone Functions, Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology, p.27-35, August 21-25, 1988
	6	G. R. Blakley. Safeguarding cryptographic keys.In National Computer Conference pages 313--317. American Federation of Information Processing Societies Proceedings, 1979.
	7	D. Boneh and X. Boyen. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles.In Advances in Cryptology -- Eurocrypt volume 3027 of LNCS pages 223--238. Springer, 2004.
	8	D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano. Public-Key Encryption with Keyword Search.In Advances in Cryptology -- Eurocrypt volume 3027 of LNCS pages 506--522. Springer, 2004.
	9	Dan Boneh , Matthew K. Franklin, Identity-Based Encryption from the Weil Pairing, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.213-229, August 19-23, 2001
	10	D. Boneh, C. Gentry, and B. Waters. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys. In Advances in Cryptology -- CRYPTO volume 3621 of LNCS pages 258--275. Springer, 2005.
	11	Dan Boneh and Jonathan Katz.Improved efficiency for cca-secure cryptosystems built using identity-based encryption. In CT-RSA pages 87--103, 2005.
	12	Xavier Boyen , Qixiang Mei , Brent Waters, Direct chosen ciphertext security from identity-based techniques, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA  [doi>10.1145/1102120.1102162]
	13	Robert W. Bradshaw , Jason E. Holt , Kent E. Seamons, Concealing complex policies with hidden credentials, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA  [doi>10.1145/1030083.1030104]
	14	E.F.Brickell.Some ideal secret sharing schemes.Journal of Combinatorial Mathematics and Combinatorial Computing 6:105--113, 1989.
	15	R. Canetti, S. Halevi, and J. Katz. A Forward-Secure Public-Key Encryption Scheme.In Advances in Cryptology -- Eurocrypt volume 2656 of LNCS Springer, 2003.
	16	R. Canetti, S. Halevi, and J. Katz. Chosen Ciphertext Security from Identity Based Encryption.In Advances in Cryptology -- Eurocrypt volume 3027 of LNCS pages 207--222. Springer, 2004.
	17	Clifford Cocks, An Identity Based Encryption Scheme Based on Quadratic Residues, Proceedings of the 8th IMA International Conference on Cryptography and Coding, p.360-363, December 17-19, 2001
	18	Danfeng Yao , Nelly Fazio , Yevgeniy Dodis , Anna Lysyanskaya, ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA  [doi>10.1145/1030083.1030130]
	19	Rita Gavriloaie, Wolfgang Nejdl, Daniel Olmedilla, Kent E. Seamons, and Marianne Winslett. No registration needed:How to use declarative policies and negotiation to access sensitive resources on the semantic web. In ESWS pages 342--356, 2004.
	20	Craig Gentry , Alice Silverberg, Hierarchical ID-Based Cryptography, Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, p.548-566, December 01-05, 2002
	21	V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute Based Encryption for Fine-Grained Access Conrol of Encrypted Data. Avaialble at:http://eprint.iacr.org/2006/.
	22	Dani Halevy , Adi Shamir, The LSD Broadcast Encryption Scheme, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.47-60, August 18-22, 2002
	23	Hugh Harney, Andrea Colgrove, and Patrick Drew McDaniel. Principles of policy in secure groups.In NDSS 2001.
	24	Jeremy Horwitz , Ben Lynn, Toward Hierarchical Identity-Based Encryption, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology, p.466-481, May 02, 2002
	25	M. Ito, A. Saito, and T. Nishizeki. Secret Sharing Scheme Realizing General Access Structure. In IEEE Globecom IEEE, 1987.
	26	Myong H. Kang , Joon S. Park , Judith N. Froscher, Access control mechanisms for inter-organizational workflow, Proceedings of the sixth ACM symposium on Access control models and technologies, p.66-74, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373266]
	27	Jiangtao Li , Ninghui Li , William H. Winsborough, Automated trust negotiation using cryptographic credentials, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA  [doi>10.1145/1102120.1102129]
	28	Patrick McDaniel , Atul Prakash, Methods and Limitations of Security Policy Reconciliation, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.73, May 12-15, 2002
	29	Cisco Networks.http://netflow.cesnet.cz/n netflow.php
	30	Matthew Pirretti , Patrick Traynor , Patrick McDaniel , Brent Waters, Secure attribute-based systems, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA  [doi>10.1145/1180405.1180419]
	31	Amit Sahai, Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security, Proceedings of the 40th Annual Symposium on Foundations of Computer Science, p.543, October 17-18, 1999
	32	A. Sahai and B. Waters. Fuzzy Identity Based Encryption. In Advances in Cryptology -- Eurocrypt volume 3494 of LNCS pages 457--473. Springer, 2005.
	33	Adi Shamir, How to share a secret, Communications of the ACM, v.22 n.11, p.612-613, Nov. 1979  [doi>10.1145/359168.359176]
	34	Adi Shamir, Identity-based cryptosystems and signature schemes, Proceedings of CRYPTO 84 on Advances in cryptology, p.47-53, August 1985, Santa Barbara, California, United States
	35	Nigel P. Smart. Access control using pairing based cryptography. In CT-RSA pages 111--121, 2003.
	36	Ting Yu , Marianne Winslett, A Unified Scheme for Resource Protection in Automated Trust Negotiation, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.110, May 11-14, 2003