Abstract
In this paper, we introduce the concept of policy-based cryptography which makes it possible to perform policy enforcement in large-scale open environments like the Internet, while respecting the data minimization principle according to which only strictly necessary information should be collected for a given purpose. We propose concrete policy-based encryption and signature schemes, based on bilinear pairings, which allow performing relatively efficient encryption and signature operations with respect to credential-based policies formalized as boolean expressions written in generic conjunctive-disjunctive normal form. We illustrate the privacy properties of our policy-based cryptographic schemes through the description of three application scenarios.
The work reported in this paper is supported by the IST PRIME project and by Institut Eurécom; however, it represents the view of the authors only.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bagga, W., Molva, R. (2005). Policy-Based Cryptography and Applications. In: Patrick, A.S., Yung, M. (eds) Financial Cryptography and Data Security. FC 2005. Lecture Notes in Computer Science, vol 3570. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11507840_7
DOI: https://doi.org/10.1007/11507840_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26656-3
Online ISBN: 978-3-540-31680-0
eBook Packages: Computer Science, Computer Science (R0)