Blind Attribute-Based Encryption and Oblivious Transfer with Fine-Grained Access Control
Alfredo Rial
KULeuven ESAT/SCD/COSIC – IBBT
WISSec 2010, 29/11/2010

Problem
• Construct a database:
  • Anonymous access
  • Oblivious access
  • Access control

Index
• System Model and Requirements
• Our Protocol
  • Building Blocks
  • Construction
• Comparison with Previous Work
• Conclusion

1 – SYSTEM MODEL

Entities
• Database Holder
• User
• Credential Issuer

Credential Issuing Phase
Input Certify Output

Initialization Phase
Input Compute encrypted DB: Verify and Output

Transfer Phase
Input Transfer Protocol Output

Security Requirements
• User access is anonymous and unlinkable
• Database learns neither User's attributes nor accessed records
• User only learns messages such that

2.1 - BUILDING BLOCKS

Anonymous Credentials
• Signature scheme with two protocols
Input Input Certify Output

Anonymous Credentials
Input Input Output or
Database does not learn

Attribute-Based Encryption
• ABE scheme consists of a tuple of algorithms:
• Key Generation Center runs:
  • Setup:
  • Key Generation:
• Users run:
  • Encryption:
  • Decryption: If of ciphertext
KGC certifies and learns User's attributes A

Blind ABE with Access Control
• KeyGen algorithm is replaced by protocol BlindKeyGen
• Blind ABE scheme based on Bethencourt et al.'s scheme.
Input Input Output
KGC does not learn User's attributes A

2.2 - Construction
• Credential Issuing Phase
• Initialization Phase
• Transfer Phase

Initialization Phase
Input
Run
For to:
  Pick random string
  Encrypt
  Sets the ciphertext
Sets the DB
Verify well-formedness of
Output

Transfer Phase
Input Input
Output
For to, if:
  Parse as
  Decrypt
  Decrypt
Output

3 - Comparison with Previous Work

Previous work
• Coull et al.: anonymous credentials and access control based on state graphs.
  • Inefficient for many practical access control policies.
• Camenisch et al.: anonymous credentials and assisted decryption.

ADVANTAGES
• Improves communication cost of transfer phase:
  • Camenisch et al.: linear in number of messages
  • Our work: constant in number of messages
• Permits more complex access control policies
  • Camenisch et al.: conjunction of attributes
  • Our work: conjunction, disjunction, threshold …

DISADVANTAGES
• Universe of attributes:
  • Camenisch et al.: infinite
  • Our work: finite and fixed in the initialization phase.

Conclusion
• Privacy-Preserving Database:
  • Anonymity, oblivious transfer, access control policies
• Communication cost of transfer phase constant in the number of accessed messages.
• Allows the use of more complex access control policies.