0Pricing
Cryptology Academy · Lesson

Ciphertext-Policy ABE (CP-ABE)

Study CP-ABE where the encryptor embeds an access policy and decryption requires attributes satisfying that policy.

CP-ABE Core Idea

In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), the encryptor embeds an access policy directly in the ciphertext. A user holds a secret key that encodes their set of attributes. Decryption succeeds if and only if the user's attributes satisfy the access policy embedded in the ciphertext. The encryptor controls who can decrypt by specifying the policy at encryption time.

Access Policies in CP-ABE

Access policies in CP-ABE are expressed as monotone boolean formulas over attributes, typically represented as linear secret sharing schemes (LSSS) or access trees. The policy can include AND gates, OR gates, and threshold gates. An AND gate requires all listed attributes; an OR gate requires any one; a t-of-n threshold gate requires at least t of the n listed attributes. These gates can be nested to express complex access structures.

All lessons in this course

  1. Beyond Public-Key: Functional Encryption
  2. Ciphertext-Policy ABE (CP-ABE)
  3. Key-Policy ABE (KP-ABE) and Comparison
  4. Practical Applications of ABE
← Back to Cryptology Academy