Duality in ABE: Converting Attribute Based Encryption for Dual Predicate and Dual Policy via Computational Encodings

We show a generic conversion that converts an attribute based encryption (ABE)scheme for arbitrary predicate into an ABE scheme for its dual predicate. In particular, itcan convert key-policy ABE (KP-ABE) into ciphertext-policy ABE (CP-ABE), and viceversa, for dually related predicates. It is generic in the sense that it can be applied toarbitrary predicates. On the other hand, it works only within the generic ABE frameworkrecently proposed by Attrapadung (Eurocrypt’14), which provides a generic compilerthat compiles a simple primitive called pair encodings into fully secure ABE. Insidethis framework, Attrapadung proposed the first generic dual conversion that works onlyfor subclass of encodings, namely, perfectly secure encodings. However, there are manypredicates for which realizations of such encodings are not known, and hence the problemsof constructing fully secure ABE for their dual predicates were left unsolved.In this paper, we revisit the dual conversion of Attrapadung, and show that, somewhatsurprisingly, the very same conversion indeed also works for broader classes of encodings,namely, computationally secure encodings. Consequently, we thus solve the above openproblems as we obtain the first fully secure realizations of completely-unbounded CP-ABE and CP-ABE with short keys for Boolean formulae, via applying the conversion topreviously proposed KP-ABE.Moreover, we provide a generic conversion that converts ABE into its dual-policyvariant. Dual-policy ABE (DP-ABE) conjunctively combines both KP-ABE and CP-ABE into one primitive, and hence can be useful in general-purpose applications. Asfor instantiations, we obtain the first realizations of fully secure DP-ABE for formulae,unbounded DP-ABE for formulae, and DP-ABE for regular languages. The latter twosystems are the first to realize such functionalities, let alone are fully secure.