Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Attribute-based Encryption

Attribute-based encryption enables fine-grained control of encrypted data [SW05]. In a ciphertext-policy ABE (CP-ABE) scheme [GPSW06], for instance, ciphertexts are attached to access policies and keys are associated with sets of attributes. A key is able to recover the message hidden in a ciphertext if and only if the set of attributes satisfy the access policy. To give an example, a policy P could say (Zipcode:90210 OR City:BeverlyHills) AND (AgeGroup:18-25) and an individual A could have a key for ({Zipcode:90210}, {AgeGroup:Over65}), in which case A would not be able to decrypt any message encrypted under P. A key policy (KP-ABE) scheme, on the other hand, is the dual of CP-ABE with ciphertexts attached to attribute sets and keys associated with access policies.

I have implemented several ABE schemes in Python using the Charm framework [AGMPRGP13]. Specifically, CP-ABE schemes from [BSW07, Section 4.2], [Waters11, Section 3], [CGW15, Appendix B.2 (full version)], and [AC17, Section 3] are implemented. All implementations are based on Type-III pairings; see AC17 for details.

Some of the schemes above are bounded universe, i.e. they support an a-priori bounded number of attributes. To initialize such schemes, an additional parameter uni_size needs to be specified. Some schemes are secure under the k-linear family of assumptions, so k must be set properly during initialization through the parameter assump_size.


The schemes have been tested with Charm 0.43 and Python 2.7.10 on Mac OS X. Charm 0.43 can be installed from this page, or by running

pip install -r requirements.txt

Charm may not compile on Linux systems due to the incompatibility of OpenSSL versions 1.0 and 1.1. You can either install charm-crypto from the system package manager or downgrade OpenSSL to version 1.0.

Once you have Charm, just do

make && pip install . && python samples/

to run the AC17 CP-ABE scheme. You can easily modify samples/ to try any scheme you wish.


  1. [SW05] Sahai, Amit, and Brent Waters. "Fuzzy identity-based encryption." In Eurocrypt, vol. 3494, pp. 457-473. 2005.
  2. [GPSW06] Goyal, Vipul, Omkant Pandey, Amit Sahai, and Brent Waters. "Attribute-based encryption for fine-grained access control of encrypted data." In Proceedings of the 13th ACM conference on Computer and communications security, pp. 89-98. ACM, 2006. Full version available on ePrint Archive, Report 2006/309.
  3. [BSW07] Bethencourt, John, Amit Sahai, and Brent Waters. "Ciphertext-policy attribute-based encryption." In Security and Privacy, 2007. SP'07. IEEE Symposium on, pp. 321-334. IEEE, 2007.
  4. [Waters11] Waters, Brent. "Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization." In Public Key Cryptography, vol. 6571, pp. 53-70. 2011.
  5. [AGMPRGR13] Akinyele, Joseph A., Christina Garman, Ian Miers, Matthew W. Pagano, Michael Rushanan, Matthew Green, and Aviel D. Rubin. "Charm: a framework for rapidly prototyping cryptosystems." Journal of Cryptographic Engineering 3, no. 2 (2013): 111-128.
  6. [CGW15] Chen, Jie, Romain Gay, and Hoeteck Wee. "Improved Dual System ABE in Prime-Order Groups via Predicate Encodings." In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 595-624. Springer, Berlin, Heidelberg, 2015. Full version available on ePrint Archive, Report 2015/409.
  7. [AC17] Agrawal, Shashank, and Melissa Chase. "FAME: fast attribute-based message encryption." In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 665-682. 2017. Full version available on ePrint Archive, Report 2017/807.


Attribute-based Encryption







No releases published


No packages published