Security Theorems via Model Theory
A model-theoretic approach can establish security theorems for cryptographic
protocols. Formulas expressing authentication and non-disclosure properties of
protocols have a special form. They are quantified implications for all xs .
(phi implies for some ys . psi). Models (interpretations) for these formulas
are *skeletons*, partially ordered structures consisting of a number of local
protocol behaviors. Realized skeletons contain enough local sessions to explain
all the behavior, when combined with some possible adversary behaviors. We show
two results. (1) If phi is the antecedent of a security goal, then there is a
skeleton A_phi such that, for every skeleton B, phi is satisfied in B iff there
is a homomorphism from A_phi to B. (2) A protocol enforces for all xs . (phi
implies for some ys . psi) iff every realized homomorphic image of A_phi
satisfies psi. Hence, to verify a security goal, one can use the Cryptographic
Protocol Shapes Analyzer CPSA (TACAS, 2007) to identify minimal realized
skeletons, or "shapes," that are homomorphic images of A_phi. If psi holds in
each of these shapes, then the goal holds.
Ad Hoc Multi-Input Functional Encryption
Consider sources that supply sensitive data to an aggregator. Standard encryption only hides the data from eavesdroppers, but using specialized encryption one can hope to hide the data (to the extent possible) from the aggregator itself. For flexibility and security, we envision schemes that allow sources to supply encrypted data, such that at any point a dynamically-chosen subset of sources can allow an agreed-upon joint function of their data to be computed by the aggregator. A primitive called multi-input functional encryption (MIFE), due to Goldwasser et al. (EUROCRYPT 2014), comes close, but has two main limitations:
- it requires trust in a third party, who is able to decrypt all the data, and
- it requires function arity to be fixed at setup time and to be equal to the number of parties.
To drop these limitations, we introduce a new notion of ad hoc MIFE. In our setting, each source generates its own public key and issues individual, function-specific secret keys to an aggregator. For successful decryption, an aggregator must obtain a separate key from each source whose ciphertext is being computed upon. The aggregator could obtain multiple such secret keys from a user corresponding to functions of varying arity. For this primitive, we obtain the following results:
- We show that standard MIFE for general functions can be bootstrapped to ad hoc MIFE for free, i.e. without making any additional assumption.
- We provide a direct construction of ad hoc MIFE for the inner product functionality based on the Learning with Errors (LWE) assumption. This yields the first construction of this natural primitive based on a standard assumption.
At a technical level, our results are obtained by combining standard MIFE schemes and two-round secure multiparty computation (MPC) protocols in novel ways, highlighting an interesting interplay between MIFE and two-round MPC.
Predicate Encryption for Circuits from LWE
In predicate encryption, a ciphertext is associated with descriptive attribute values x in addition to a plaintext μ, and a secret key is associated with a predicate f. Decryption returns plaintext μ if and only if f(x)=1. Moreover, security of predicate encryption guarantees that an adversary learns nothing about the attribute x or the plaintext μ from a ciphertext, given arbitrarily many secret keys that are not authorized to decrypt the ciphertext individually.
We construct a leveled predicate encryption scheme for all circuits, assuming the hardness of the subexponential learning with errors (LWE) problem. That is, for any polynomial function d=d(λ), we construct a predicate encryption scheme for the class of all circuits with depth bounded by d(λ), where λ is the security parameter.
Funding: Microsoft Corporation (PhD Fellowship); Northrop Grumman Cybersecurity Research Consortium; United States. Defense Advanced Research Projects Agency (Grant FA8750-11-2-0225); National Science Foundation (U.S.) (Awards CNS-1350619); National Science Foundation (U.S.) (Awards CNS-1413920); Alfred P. Sloan Foundation (Fellowship); Microsoft (Faculty Fellowship)