Advertisement

Decentralized Policy-Hiding ABE with Receiver Privacy

  • Yan Michalevsky
  • Marc Joye
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11099)

Abstract

Attribute-based encryption (ABE) enables limiting access to encrypted data to users with certain attributes. Different aspects of ABE were studied, such as the multi-authority setting (MA-ABE), and policy hiding, meaning the access policy is unknown to unauthorized parties. However, no practical scheme so far provably provides both properties, which are often desirable in real-world applications: supporting decentralization while hiding the access policy. We present the first practical decentralized ABE scheme with a proof of being policy-hiding. Our construction is based on a decentralized inner-product predicate encryption scheme, introduced in this paper, which hides the encryption policy. It results in an ABE scheme supporting conjunctions, disjunctions and threshold policies, that protects the access policy from parties that are not authorized to decrypt the content. Further, we address the issue of receiver privacy. By using our scheme in combination with vector commitments, we hide the overall set of attributes possessed by the receiver from individual authorities, only revealing the attribute that the authority is controlling. Finally, we propose randomizing-polynomial encodings that immunize the scheme in the presence of corrupt authorities.

References

  1. 1.
    Agrawal, S., Boyen, X., Vaikuntanathan, V., Voulgaris, P., Wee, H.: Functional encryption for threshold functions (or fuzzy IBE) from lattices. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 280–297. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-30057-8_17CrossRefGoogle Scholar
  2. 2.
    Agrawal, S., Freeman, D.M., Vaikuntanathan, V.: Functional encryption for inner product predicates from learning with errors. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 21–40. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-25385-0_2CrossRefGoogle Scholar
  3. 3.
    Barthe, G., Danezis, G., Grégoire, B., Kunz, C., Zanella-Beguelin, S.: Verified computational differential privacy with applications to smart metering. In: 2013 IEEE 26th Computer Security Foundations Symposium (CSF), pp. 287–301. IEEE (2013)Google Scholar
  4. 4.
    Benaloh, J., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-48285-7_24CrossRefGoogle Scholar
  5. 5.
    Benhamouda, F., Joye, M., Libert, B.: A new framework for privacy-preserving aggregation of time-series data. ACM Trans. Inf. Syst. Secur. 18(3), 10:1–10:21 (2016)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_16CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-70936-7_29CrossRefGoogle Scholar
  8. 8.
    Catalano, D., Fiore, D.: Vector commitments and their applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 55–72. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-36362-7_5CrossRefGoogle Scholar
  9. 9.
    Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-70936-7_28CrossRefGoogle Scholar
  10. 10.
    Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Al-Shaer, E., Jha, S., Keromytis, A.D. (eds.) ACM CCS 2009, pp. 121–130. ACM Press, November 2009Google Scholar
  11. 11.
    Chen, J., Gay, R., Wee, H.: Improved dual system ABE in prime-order groups via predicate encodings. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 595–624. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46803-6_20CrossRefGoogle Scholar
  12. 12.
    Chen, J., Wee, H.: Dual system groups and its applications – compact HIBE and more. Cryptology ePrint Archive, Report 2014/265 (2014). http://eprint.iacr.org/2014/265
  13. 13.
    Escala, A., Herold, G., Kiltz, E., Ràfols, C., Villar, J.L.: An algebraic framework for Diffie-Hellman assumptions. J. Cryptol. 30(1), 242–288 (2017)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Goyal, R., Koppula, V., Waters, B.: Lockable obfuscation. In: 58th FOCS, pp. 612–621. IEEE Computer Society Press (2017)Google Scholar
  15. 15.
    Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-17373-8_11CrossRefGoogle Scholar
  16. 16.
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. J. Cryptol. 26(2), 191–224 (2013)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_31CrossRefGoogle Scholar
  18. 18.
    Müller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute-based encryption. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 20–36. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00730-9_2CrossRefGoogle Scholar
  19. 19.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Consulted, pp. 1–9 (2008). http://s.kwma.kr/pdf/Bitcoin/bitcoin.pdf
  20. 20.
    Okamoto, T., Takashima, K.: Decentralized attribute-based signatures. Cryptology ePrint Archive, Report 2011/701 (2011). http://eprint.iacr.org/2011/701
  21. 21.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-46766-1_9CrossRefGoogle Scholar
  22. 22.
    Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S., Kondoz, A.: Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption. In: IEEE International Conference on Advanced Networks and Telecommunications Systems, Odisha, India, December 2017Google Scholar
  23. 23.
    Roberts, F.: UK/India consortium explore blockchain for healthcare IoT security. https://internetofbusiness.com/consortium-blockchain-iot-security/
  24. 24.
    Sahai, A., Waters, B.: Slides on functional encryption. PowerPoint presentation (2008). http://www.cs.utexas.edu/~bwaters/presentations/files/functional.ppt
  25. 25.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_27CrossRefGoogle Scholar
  26. 26.
    Shi, E., Chan, T.H.H., Rieffel, E.G., Chow, R., Song, D.: Privacy-preserving aggregation of time-series data. In: NDSS 2011. The Internet Society, February 2011Google Scholar
  27. 27.
    Wichs, D., Zirdelis, G.: Obfuscating compute-and-compare programs under LWE. In: 58th FOCS, pp. 600–611. IEEE Computer Society Press (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Anjuna SecurityPalo AltoUSA
  2. 2.Stanford UniversityStanfordUSA
  3. 3.NXP SemiconductorsSan JoseUSA

Personalised recommendations