Efficient single round attribute-based authenticated key exchange protocol

Attribute-Based Authenticated Key Exchange (ABAKE) protocols allow two or more users to establish a shared key and achieve mutual authentication over an insecure network, while providing fine-grained access control over transmitted data. The existing ABAKE protocols are very inefficient, requiring a large number (polynomial in the size of the access policies) of pairing and exponentiation operations. This presents a major hindrance in the real-world deployment of these protocols. In this work, we present a construction of ABAKE protocol where the number of pairing operations is constant (to be precise only 7) and the number of exponentiation operations is linear to the number of clauses in the disjunctive normal form representing the general access policies. To this end, we construct an Attribute-Based Signcryption (ABSC) scheme with constant number of pairings, and use it as the main building block in our ABAKE construction. This also gives the first construction of ABSC schemes with constant number of pairings for general purpose access policies in the standard model. Another important and desirable feature of our ABAKE construction is that it is round-optimal, i.e. it is a single round protocol. We analyse the security of our ABAKE construction in the Attribute-Based extended Canetti-Krawzyck (ABeCK) model, and prove its security assuming the hardness of a variant of the Bilinear Diffie-Hellman Exponent problem in the random oracle model.