
Blind Attribute-Based Encryption and Oblivious Transfer with Fine-Grained Access Control

Blind Attribute-Based Encryption and Oblivious Transfer with Fine-Grained Access Control. Alfredo Rial. KULeuven ESAT/SCD/COSIC – IBBT. WISSec 2010, 29/11/2010. Problem: construct a database with anonymous access, oblivious access, and access control.



Presentation Transcript


  1. Blind Attribute-Based Encryption and Oblivious Transfer with Fine-Grained Access Control. Alfredo Rial, KULeuven ESAT/SCD/COSIC – IBBT. WISSec 2010, 29/11/2010. Oblivious Transfer with Fine-Grained Access Control

  2. Problem • Construct a database: • Anonymous access • Oblivious access • Access control

  3. Index • System Model and Requirements • Our Protocol • Building Blocks • Construction • Comparison with Previous Work • Conclusion

  4. 1 – SYSTEM MODEL

  5. Entities: Database Holder, User, Credential Issuer

  6. Credential Issuing Phase Input Certify Output

  7. Initialization Phase Input Compute encrypted DB: Verify and Output

  8. Transfer Phase Input Transfer Protocol Output

  9. Security Requirements • User access is anonymous and unlinkable • Database learns neither User's attributes nor accessed records • User only learns messages such that

  10. 2.1 - BUILDING BLOCKS

  11. Anonymous Credentials • Signature scheme with two protocols Input Input Certify Output

  12. Anonymous Credentials Input Input Output or Database does not learn

  13. Attribute-Based Encryption • ABE scheme consists of a tuple of algorithms: • Key Generation Center runs: • Setup: • Key Generation: • Users run: • Encryption: • Decryption: If of ciphertext KGC certifies and learns User's attributes A

  14. Blind ABE with Access Control • KeyGen algorithm is replaced by protocol BlindKeyGen • Blind ABE scheme based on Bethencourt et al.'s scheme. Input Input Output KGC does not learn User's attributes A

  15. 2.2 - Construction • Credential Issuing Phase • Initialization Phase • Transfer Phase

  16. Initialization Phase Input Run For to: Pick random string Encrypt Sets the ciphertext Sets the DB Verify well-formedness of Output

  17. Transfer Phase Input Input Output For to, if: Parse as Decrypt Decrypt Output

  18. 3 - Comparison with Previous Work

  19. Previous work • Coull et al.: anonymous credentials and access control based on state graphs. • Inefficient for many practical access control policies. • Camenisch et al.: anonymous credentials and assisted decryption.

  20. ADVANTAGES • Improves communication cost of transfer phase: • Camenisch et al.: linear in number of messages • Our work: constant in number of messages • Permits more complex access control policies • Camenisch et al.: conjunction of attributes • Our work: conjunction, disjunction, threshold …

  21. DISADVANTAGES • Universe of attributes: • Camenisch et al.: infinite • Our work: finite and fixed in the initialization phase.

  22. Conclusion • Privacy-Preserving Database: • Anonymity, oblivious transfer, access control policies • Communication cost of transfer phase constant on number of accessed messages. • Allows the use of more complex access control policies.
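
The conjunction, disjunction and threshold policies of slide 20 correspond to the access trees of Bethencourt et al.'s scheme (slide 14), in which every gate is a k-of-n threshold. The sketch below is an added example, not code from the presentation: it shares a secret down such a tree with Shamir sharing and recovers it only for attribute sets that satisfy the policy. Assumptions: the policy and attribute names are constructed, and shares are plain field elements, whereas the real scheme keeps them in the exponent of a pairing group and randomizes each user's key to resist collusion.

```python
import secrets

P = 2**127 - 1                 # prime modulus for the toy field
RNG = secrets.SystemRandom()

# A node is ("attr", name) or (k, [children]): a k-of-n threshold gate.
# AND over n children is (n, children); OR is (1, children).
POLICY = (1, [                 # constructed example policy
    (2, [("attr", "doctor"), ("attr", "cardiology")]),
    (2, [("attr", "nurse"), ("attr", "icu"), ("attr", "senior")]),
])

def share(node, secret, path=()):
    """Push `secret` down the tree; return {leaf path: share}."""
    if node[0] == "attr":
        return {path: secret}
    k, children = node
    # Random polynomial of degree k-1 with constant term = secret.
    coeffs = [secret] + [RNG.randrange(P) for _ in range(k - 1)]
    out = {}
    for x, child in enumerate(children, start=1):
        y = sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P
        out.update(share(child, y, path + (x,)))
    return out

def recover(node, shares, attrs, path=()):
    """Rebuild this node's secret from leaves whose attribute is held, else None."""
    if node[0] == "attr":
        return shares[path] if node[1] in attrs else None
    k, children = node
    points = []
    for x, child in enumerate(children, start=1):
        y = recover(child, shares, attrs, path + (x,))
        if y is not None:
            points.append((x, y))
    if len(points) < k:
        return None            # gate not satisfied
    points = points[:k]
    total = 0
    for xi, yi in points:      # Lagrange interpolation at x = 0
        lam = 1
        for xj, _ in points:
            if xj != xi:
                lam = lam * xj % P * pow((xj - xi) % P, -1, P) % P
        total = (total + yi * lam) % P
    return total

def can_decrypt(attrs):
    """True if `attrs` satisfies POLICY, i.e. the shared secret is recovered."""
    secret = RNG.randrange(P)
    return recover(POLICY, share(POLICY, secret), set(attrs)) == secret
```
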
