Abstract
Oblivious Transfer with Access Control (AC-OT) is a protocol which allows a user to obtain a database record with a credential satisfying the access policy of the record while the database server learns nothing about the record or the credential. The only AC-OT construction that supports policy in disjunctive form requires duplication of records in the database, each with a different conjunction of attributes (representing one possible criterion for accessing the record). In this paper, we propose a new AC-OT construction secure in the standard model. It supports policy in disjunctive form directly, without the above duplication issue. Due to the duplication issue in the previous construction, the size of an encrypted record is in \(O(\prod_{i=1}^{t}{n_i})\) for a CNF policy \((A_{1,1} \vee \ldots \vee A_{1,n_1}) \wedge \ldots \wedge (A_{t,1} \vee \ldots \vee A_{t,n_t})\) and in \(O(\binom{n}{k})\) for a k-of-n threshold gate. In our construction, the encrypted record size can be reduced to \(O(\sum_{i=1}^{t}{n_i})\) for CNF form and O(n) for threshold case.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Beimel, A.: Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel (1996)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 28th IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Press, New York (2007)
Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)
Camenisch, J., Dubovitskaya, M., Neven, G.: Oblivious transfer with access control. In: 16th ACM Conference on Computer and Communications Security, pp. 131–140. ACM, New York (2009)
Camenisch, J., Neven, G., Shelat, A.: Simulatable adaptive oblivious transfer. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 573–590. Springer, Heidelberg (2007)
Coull, S., Green, M., Hohenberger, S.: Controlling access to an oblivious database using stateful anonymous credentials. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 501–520. Springer, Heidelberg (2009)
Google Inc.: Google health, https://www.google.com/health
Green, M., Hohenberger, S.: Practical adaptive oblivious transfer from a simple assumption. Cryptology ePrint Archive, Report 2010/109 (2010), http://eprint.iacr.org/
Herranz, J., Hofheinz, D., Kiltz, E.: KEM/DEM: Necessary and sufficient conditions for secure hybrid encryption. Cryptology ePrint Archive, Report 2006/265 (2006), http://eprint.iacr.org/
Jarecki, S., Liu, X.: Efficient oblivious pseudorandom function with applications to adaptive OT and secure computation of set intersection. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 577–594. Springer, Heidelberg (2009)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010), full version http://eprint.iacr.org/2010/110
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Y. et al. (2010). Oblivious Transfer with Access Control : Realizing Disjunction without Duplication. In: Joye, M., Miyaji, A., Otsuka, A. (eds) Pairing-Based Cryptography - Pairing 2010. Pairing 2010. Lecture Notes in Computer Science, vol 6487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17455-1_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-17455-1_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17454-4
Online ISBN: 978-3-642-17455-1
eBook Packages: Computer ScienceComputer Science (R0)