Multiparty Selective Disclosure using Attribute-Based Encryption

TL;DR

This paper introduces a method combining Attribute-Based Encryption with SD-JWTs to enable flexible, attribute-based selective disclosure of information, with feasibility demonstrated through performance evaluation.

Contribution

It integrates Ciphertext-Policy ABE into SD-JWT framework, allowing customizable access control for disclosures, a novel approach for privacy-preserving data sharing.

Findings

SD-JWT generation is lightweight

Encryption and decryption times increase linearly with disclosures

Suitable for privacy-sensitive applications but needs optimization for real-time use

Abstract

This study proposes a mechanism for encrypting SD-JWT (Selective Disclosure JSON Web Token) Disclosures using Attribute-Based Encryption (ABE) to enable flexible access control on the basis of the Verifier's attributes. By integrating Ciphertext-Policy ABE (CP-ABE) into the existing SD-JWT framework, the Holder can assign decryption policies to Disclosures, ensuring information is selectively disclosed. The mechanism's feasibility was evaluated in a virtualized environment by measuring the processing times for SD-JWT generation, encryption, and decryption with varying Disclosure counts (5, 10, 20). Results showed that SD-JWT generation is lightweight, while encryption and decryption times increase linearly with the number of Disclosures. This approach is suitable for privacy-sensitive applications like healthcare, finance, and supply chain tracking but requires optimization for real-time use cases such as IoT. Future research should focus on improving ABE efficiency and addressing scalability challenges.