Gradual Identity Exposure Using Attribute-Based Encryption
This chapter proposes a new concept – Gradual Identity Exposure – to protect data receivers’ identity. Many Attribute-Based Encryption (ABE) schemes do not protect receivers’ privacy, such that all the attributes to describe the eligible receivers are transmitted in plaintexts. The introduction of Identity Based Encryption schemes significantly enriched the identity management research by combining identity management with key management and encryption/decryption procedures. The data access policy is attached to the ciphertext in plaintext form. Hidden policy-based ABE schemes have been proposed to protect receivers’ privacy by using a construction that requires every user in the system to decrypt the ciphertext using all the attributes they possess, which incurs great computation and communication overhead. In Attribute-Based Encryption, the identity is extended to a set of descriptive attributes that define, classify or annotate the user to which they are assigned. The encryptor can enforce an access policy, defined as a set of attributes, with encryption.