
Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation

Conference paper
Financial Cryptography and Data Security (FC 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10322)

Abstract

We introduce the notion of homomorphic proxy re-authenticators, a tool that adds security and verifiability guarantees to multi-user data aggregation scenarios. It allows distinct sources to authenticate their data under their own keys, and a proxy can transform these single signatures or message authentication codes (MACs) to a MAC under a receiver’s key without having access to it. In addition, the proxy can evaluate arithmetic circuits (functions) on the inputs so that the resulting MAC corresponds to the evaluation of the respective function. As the messages authenticated by the sources may represent sensitive information, we also consider hiding them from the proxy and other parties in the system, except from the receiver.

We provide a general model and two modular constructions of our novel primitive, supporting the class of linear functions. On our way, we establish various novel building blocks. Most interestingly, we formally define the notion and present a construction of homomorphic proxy re-encryption, which may be of independent interest. The latter allows users to encrypt messages under their own public keys, and a proxy can re-encrypt them to a receiver’s public key (without knowing any secret key), while also being able to evaluate functions on the ciphertexts. The resulting re-encrypted ciphertext then holds an evaluation of the function on the input messages.

The full version of this paper is available as IACR Cryptology ePrint Archive Report 2017/086. All authors have been supported by EU H2020 project Prismacloud, grant agreement no. 644962. S. Ramacher has additionally been supported by EU H2020 project Credential, grant agreement no. 653454.

Work done while Daniel Slamanig was still at IAIK, Graz University of Technology, Graz, Austria.


Notes

  1. While the homomorphic properties might allow one to define a function mapping to a target key, it is unclear whether handing over the description of such a function to a proxy would maintain the security requirements posed by our application.

  2. It is impossible to consider both signers and aggregators to be dishonest at the same time, as such a coalition could essentially authenticate everything. This is in contrast to the setting of proxy re-encryption, where it makes sense to model security in the face of receivers colluding with the proxy.


Acknowledgements

We thank David Nuñez for his valuable comments on a draft of this paper.

Corresponding author

Correspondence to David Derler.


Copyright information

© 2017 International Financial Cryptography Association

Cite this paper

Derler, D., Ramacher, S., Slamanig, D. (2017). Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation. In: Kiayias, A. (ed.) Financial Cryptography and Data Security. FC 2017. Lecture Notes in Computer Science, vol 10322. Springer, Cham. https://doi.org/10.1007/978-3-319-70972-7_7

  • DOI: https://doi.org/10.1007/978-3-319-70972-7_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-70971-0

  • Online ISBN: 978-3-319-70972-7
