
2016 | Original paper | Book chapter

Access Control Encryption: Enforcing Information Flow with Cryptography

Authors: Ivan Damgård, Helene Haagh, Claudio Orlandi

Published in: Theory of Cryptography

Publisher: Springer Berlin Heidelberg


Abstract

We initiate the study of Access Control Encryption (ACE), a novel cryptographic primitive that allows fine-grained access control, by giving different rights to different users not only in terms of which messages they are allowed to receive, but also which messages they are allowed to send.
Classical examples of security policies for information flow are the well-known Bell-LaPadula [BL73] and Biba [Bib75] models. In a nutshell, the Bell-LaPadula model assigns a role to every user in the system (e.g., public, secret and top-secret). A user's role specifies which messages the user is allowed to receive (the no read-up rule: users with public clearance must not be able to read messages marked as secret or top-secret) but also which messages the user is allowed to send (the no write-down rule: a malicious user with top-secret clearance must not be able to write messages marked as secret or public). To the best of our knowledge, no existing cryptographic primitive allows for even this simple form of access control, since no existing cryptographic primitive enforces any restriction on what kind of messages one is able to encrypt. Our contributions are:
  • Introducing and formally defining access control encryption (ACE);
  • A construction of ACE with complexity linear in the number of roles, based on classic number-theoretic assumptions (DDH, Paillier);
  • A construction of ACE with complexity polylogarithmic in the number of roles, based on recent results on cryptographic obfuscation.


Footnotes

1. Note that the sanitizer has to send the ciphertext to all receivers – both those who are allowed to decrypt and those who are not. A sanitizer who could decide whether a particular receiver is allowed to receive a particular ciphertext would trivially be able to distinguish between different senders with different writing rights.

2. The number of senders equals the number of receivers only for the sake of exposition.

3. The security model, formalized in Definitions 2 and 3, is more general than this.

4. Note that it is possible to reduce the trust in the sanitizer in different ways: in a black-box way, one could imagine several parties emulating the work of the sanitizer using MPC. In a more concrete way, it is possible to have a chain of sanitizers, where the senders send their encryptions to sanitizer 1, the receivers receive ciphertexts from sanitizer \(n\), and sanitizer \(i+1\) further sanitizes the output of sanitizer \(i\). We note that all definitions and constructions in this paper can be easily generalized to this scenario but, to keep the presentation as simple as possible, we do not discuss this solution further and stick to the case of a single sanitizer.

5. We note that this is a relaxation of re-randomizability for FE, in the sense that we do not require sanitized ciphertexts to be indistinguishable from fresh encryptions, but only independent of the randomness used in the original encryption. However, to the best of our knowledge, no re-randomizable FE scheme for all circuits exists.

6. Similar to a re-randomizable encryption scheme, where we do not require sanitized ciphertexts to look indistinguishable from fresh encryptions.

7. We use the convention that all other algorithms take \(pp\) as input even if not specified. Formally, one can think of \(pp\) as being part of \(msk\) and of all other keys \(ek\), \(dk\), \(sk\).

8. To make notation more compact we define two special identities: \(i=0\) representing a sender or receiver with no rights, such that \(P(0,j) = 0 = P(i,0)\) for all \(i,j \in [n]\); and \(i=n+1\) to be the sanitizer identity, which cannot receive from anyone but can send to all, i.e., \(P(n+1,j)=1 \ \forall j\in [n]\) and \(P(i,n+1)=0 \ \forall i\in [n]\).

9. Note that the adversary is allowed to ask for any sender's key in the post-challenge queries.

10. Recall that we defined \(ek_0=pp\).

11. There exists some encoding function that takes a message \(m\) from the message space of the \(\mathsf {ACE}\) scheme and encodes it into a message of each of the \(1\)-ACE message spaces. The ciphertext spaces of the \(\mathsf {ACE}\) scheme are the cross product of all the \(1\)-ACE ciphertext spaces, thus \(\mathcal {C}= \mathcal {C}_1^\mathsf {1ACE}\times \cdots \times \mathcal {C}_n^\mathsf {1ACE}\) and \(\mathcal {C}' = {\mathcal {C}'_1}^\mathsf {1ACE}\times \cdots \times {\mathcal {C}'_n}^\mathsf {1ACE}\).

12. Here \(c_j^\mathsf {1ACE}\leftarrow _\$ \mathcal {C}_j^\mathsf {1ACE}\) is a shorthand for \(c_j^\mathsf {1ACE}\leftarrow \mathsf {1ACE}.\mathsf {Enc}(pp_j^\mathsf {1ACE}, \bot )\).

13. Formally \(\mathsf {MDec}\) is a shortcut for \(\mathsf {Dec}(\mathsf {Gen}(msk,f_{id}),\mathsf {San}(pp,c))\), where \(f_{id}\) is the identity function.
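As an added illustration, not code from the paper or its authors, the following Python toy models the ACE interface the abstract describes: a Bell-LaPadula policy P(i, j) over three roles, extended with the special identities 0 and n+1 of footnote 8, and the per-receiver composition of footnotes 11 and 12, where components a sender may not write carry a random element and the sanitizer re-randomises every component before forwarding the whole vector to all receivers (footnote 1). Plain ElGamal over a tiny constructed group stands in for the 1-ACE building block; the group parameters, role names and function names are assumptions of this example.

```python
import secrets
# Toy group parameters (constructed for illustration; far too small to be secure).
P, Q, G = 1019, 509, 4          # safe prime p = 2q + 1; g generates the order-q subgroup

def rand_exp():
    return secrets.randbelow(Q - 1) + 1

def rand_elem():                 # plays the role of Enc(pp, ⊥): a uniformly random payload
    return pow(G, rand_exp(), P)

def keygen():                    # one ElGamal instance per receiver role (the 1-ACE slots)
    x = rand_exp()
    return x, pow(G, x, P)

def enc(pk, m):
    r = rand_exp()
    return pow(G, r, P), (m * pow(pk, r, P)) % P

def sanitize(pk, c):             # sanitizer: multiply by a fresh encryption of 1, so the
    s = rand_exp()               # output no longer depends on the sender's randomness
    return (c[0] * pow(G, s, P)) % P, (c[1] * pow(pk, s, P)) % P

def dec(x, c):                   # pow(..., -x, P) is the modular inverse (Python 3.8+)
    return (c[1] * pow(c[0], -x, P)) % P

# Bell-LaPadula roles: i may send to j iff level(i) <= level(j), which enforces
# no write-down for the sender and no read-up for the receiver at once.
LEVELS = {1: 0, 2: 1, 3: 2}      # 1 = public, 2 = secret, 3 = top-secret (assumed roles)
N = len(LEVELS)

def policy(i, j):                # P(i, j), with identity 0 (no rights) and n+1 (sanitizer)
    if i == 0 or j == 0 or j == N + 1:
        return 0
    if i == N + 1:
        return 1
    return int(LEVELS[i] <= LEVELS[j])

def ace_enc(pks, i, m):          # one component per receiver; a random element where P(i, j) = 0
    return {j: enc(pks[j], m if policy(i, j) else rand_elem()) for j in pks}

def ace_san(pks, c):             # the sanitizer re-randomises every component and forwards
    return {j: sanitize(pks[j], cj) for j, cj in c.items()}  # the whole vector to everyone

def deliver(i, j, m):            # sender i -> sanitizer -> receiver j; returns what j decrypts
    sks, pks = {}, {}
    for k in range(1, N + 1):
        sks[k], pks[k] = keygen()
    c = ace_san(pks, ace_enc(pks, i, m))
    return dec(sks[j], c[j])
```

A receiver whose role is below the sender's level still gets a component, but it decrypts to an unrelated random group element, which is exactly why the sanitizer can forward the same vector to everyone without learning who may read it.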
 
References
[BFM88]
Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2–4, 1988, Chicago, Illinois, USA, pp. 103–112 (1988)
[Bib75]
Biba, K.J.: Integrity considerations for secure computer systems. No. MTR-3153-REV-1. MITRE Corp., Bedford, MA (1975)
[BL73]
Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations. Draft MTR, The MITRE Corporation, 2 (1973)
[BP03]
Backes, M., Pfitzmann, B.: Intransitive non-interference for cryptographic purpose. In: 2003 IEEE Symposium on Security and Privacy (S&P 2003), 11–14 May 2003, Berkeley, CA, USA, p. 140 (2003)
[BP04]
Backes, M., Pfitzmann, B.: Computational probabilistic noninterference. Int. J. Inf. Sec. 3(1), 42–60 (2004)
[BSW11]
Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011)
[DMS15]
Dodis, Y., Mironov, I., Stephens-Davidowitz, N.: Message transmission with reverse firewalls: secure communication on corrupted machines. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 341–372. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53018-4_13
[FAL06]
Frikken, K., Atallah, M., Li, J.: Attribute-based access control with hidden policies and hidden credentials. IEEE Trans. Comput. 55(10), 1259–1270 (2006)
[FF15]
Fehr, V., Fischlin, M.: Sanitizable signcryption: Sanitization over encrypted data (full version). IACR Cryptology ePrint Archive, 2015:765 (2015)
[FFLW15]
Ferrara, A.L., Fuchsbauer, G., Liu, B., Warinschi, B.: Policy privacy in cryptographic access control. In: IEEE 28th Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13–17 July 2015, pp. 46–60 (2015)
[Gam85]
El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory 31(4), 469–472 (1985)
[GGH+13]
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, 26–29 October 2013, Berkeley, CA, USA, pp. 40–49 (2013)
[GJJS04]
[GPSW06]
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, October 30 – November 3, 2006, pp. 89–98 (2006)
[HKN05]
Halevi, S., Karger, P.A., Naor, D.: Enforcing confinement in distributed storage and a cryptographic model for access control. IACR Cryptology ePrint Archive 2005:169 (2005)
[HLA02]
[KSW13]
Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. J. Cryptology 26(2), 191–224 (2013)
[KTS07]
Kapadia, A., Tsang, P.P., Smith, S.W.: Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2007, San Diego, California, USA, 28 February – 2 March 2007 (2007)
[MK11]
Müller, S., Katzenbeisser, S.: Hiding the policy in cryptographic access control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 90–105. Springer, Heidelberg (2012). doi:10.1007/978-3-642-29963-6_8
[MS15]
Mironov, I., Stephens-Davidowitz, N.: Cryptographic reverse firewalls. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 657–686. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46803-6_22
[RZB12]
Raykova, M., Zhao, H., Bellovin, S.M.: Privacy enhanced access control for outsourced data sharing. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 223–238. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32946-3_17
Metadata
Title
Access Control Encryption: Enforcing Information Flow with Cryptography
Authors
Ivan Damgård
Helene Haagh
Claudio Orlandi
Copyright year
2016
Publisher
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-662-53644-5_21
