Attribute-based encryption with encryption and decryption outsourcing

In this paper we propose a new scheme for ciphertext-policy attribute-based encryption that allows outsourcing of computationally expensive encryption and decryption steps. The scheme constitutes an important building block for mobile applications where both the host and users use mobile devices with limited computational power. In the proposed scheme, during encryption the host involves a semi-trusted proxy to encrypt a partially encrypted (by the host) message according to an access policy provided by the host. The proxy is unable to learn the message from this partially encrypted text. A user can only decrypt the stored ciphertext if he possesses secret keys associated with a set of attributes that satisfies the associated policy. To reduce computational load in the decryption step, the user, in his turn, involves a semi-trusted proxy (e.g. a cloud) by deploying the scheme of Green et al. (2011). The cloud is given a transformation key that facilitates construction of an El Gamalciphertext from the original ciphertext if the user's attributes satisfy the ciphertext. This El Gamal-ciphertext can be then efficiently decrypted on the user's resource-constrained device. The resulting ABE scheme with encryption and decryption outsourcing is proven to be secure in the generic group model.