3,715 research outputs found
Server-Aided Revocable Predicate Encryption: Formalization and Lattice-Based Instantiation
Efficient user revocation is a necessary but challenging problem in many
multi-user cryptosystems. Among known approaches, server-aided revocation
yields a promising solution, because it allows to outsource the major workloads
of system users to a computationally powerful third party, called the server,
whose only requirement is to carry out the computations correctly. Such a
revocation mechanism was considered in the settings of identity-based
encryption and attribute-based encryption by Qin et al. (ESORICS 2015) and Cui
et al. (ESORICS 2016), respectively.
In this work, we consider the server-aided revocation mechanism in the more
elaborate setting of predicate encryption (PE). The latter, introduced by Katz,
Sahai, and Waters (EUROCRYPT 2008), provides fine-grained and role-based access
to encrypted data and can be viewed as a generalization of identity-based and
attribute-based encryption. Our contribution is two-fold. First, we formalize
the model of server-aided revocable predicate encryption (SR-PE), with rigorous
definitions and security notions. Our model can be seen as a non-trivial
adaptation of Cui et al.'s work into the PE context. Second, we put forward a
lattice-based instantiation of SR-PE. The scheme employs the PE scheme of
Agrawal, Freeman and Vaikuntanathan (ASIACRYPT 2011) and the complete subtree
method of Naor, Naor, and Lotspiech (CRYPTO 2001) as the two main ingredients,
which work smoothly together thanks to a few additional techniques. Our scheme
is proven secure in the standard model (in a selective manner), based on the
hardness of the Learning With Errors (LWE) problem.Comment: 24 page
Anonymous and Adaptively Secure Revocable IBE with Constant Size Public Parameters
In Identity-Based Encryption (IBE) systems, key revocation is non-trivial.
This is because a user's identity is itself a public key. Moreover, the private
key corresponding to the identity needs to be obtained from a trusted key
authority through an authenticated and secrecy protected channel. So far, there
exist only a very small number of revocable IBE (RIBE) schemes that support
non-interactive key revocation, in the sense that the user is not required to
interact with the key authority or some kind of trusted hardware to renew her
private key without changing her public key (or identity). These schemes are
either proven to be only selectively secure or have public parameters which
grow linearly in a given security parameter. In this paper, we present two
constructions of non-interactive RIBE that satisfy all the following three
attractive properties: (i) proven to be adaptively secure under the Symmetric
External Diffie-Hellman (SXDH) and the Decisional Linear (DLIN) assumptions;
(ii) have constant-size public parameters; and (iii) preserve the anonymity of
ciphertexts---a property that has not yet been achieved in all the current
schemes
Attribute-based encryption for cloud computing access control: A survey
National Research Foundation (NRF) Singapore; AXA Research Fun
Towards Black-Box Accountable Authority IBE with Short Ciphertexts and Private Keys
At Crypto'07, Goyal introduced the concept of Accountable Authority
Identity-Based Encryption as a convenient tool to reduce the amount of trust in
authorities in Identity-Based Encryption. In this model, if the Private Key
Generator (PKG) maliciously re-distributes users' decryption keys, it runs the
risk of being caught and prosecuted. Goyal proposed two constructions: the
first one is efficient but can only trace well-formed decryption keys to their
source; the second one allows tracing obfuscated decryption boxes in a model
(called weak black-box model) where cheating authorities have no decryption
oracle. The latter scheme is unfortunately far less efficient in terms of
decryption cost and ciphertext size. In this work, we propose a new
construction that combines the efficiency of Goyal's first proposal with a very
simple weak black-box tracing mechanism. Our scheme is described in the
selective-ID model but readily extends to meet all security properties in the
adaptive-ID sense, which is not known to be true for prior black-box schemes.Comment: 32 page
Contributions to Lattice–based Cryptography
Post–quantum cryptography (PQC) is a new and fast–growing part of Cryptography. It focuses on developing cryptographic algorithms and protocols that resist quantum adversaries (i.e., the adversaries who have access to quantum computers). To construct a new PQC primitive, a designer must use a mathematical problem intractable for the quantum adversary. Many intractability assumptions are being used in PQC. There seems to be a consensus in the research community that the most promising are intractable/hard problems in lattices. However, lattice–based cryptography still needs more research to make it more efficient and practical. The thesis contributes toward achieving either the novelty or the practicality of lattice– based cryptographic systems
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
- …