Overview
Explore practical attacks against Attribute-based Encryption (ABE) in this 38-minute Black Hat conference talk. Delve into the intricacies of ABE, a cryptographic system that implements fine-grained access control on data without relying on a trusted entity to enforce it. Examine multi-authority variants of ABE and their applications in healthcare, Internet of Things, and cloud systems. Learn about the components of ABE, including elliptic curves, pairings, and secret sharing. Analyze how ABE schemes can fail theoretically and study specific attacks on pairing-free elliptic-curve schemes. Investigate open-source ABE implementations and gain insights into the Venema-Alpár framework. Presented by Antonio de la Piedra and Marloes Venema, this talk provides a comprehensive overview of ABE vulnerabilities and their practical implications.
Syllabus
Intro
Motivation
Overview
Introduction to ABE
Ciphertext-policy (CP) ABE
Multi-authority ABE: corruption
Applications of ABE in the Cloud
Components of ABE
Elliptic curves
Pairings
Secret sharing
Toy example
How ABE schemes fail in theory
Pairing-free elliptic-curve schemes
Venema-Alpár framework
Attack on DAC-MACS
Attack on YJ14
Open-source ABE implementations
Concluding remarks
Taught by
Black Hat