ABSTRACT
Predicate encryption provides fine-grained control over encryption and decryption. In a predicate encryption scheme, message is encrypted with a set of attributes, and decryption key is incorporated with a predicate. Only when the predicate evaluates to true over these attributes, the message can be correctly decrypted. We propose an extension to predicate encryption named delegate predicate encryption. In our extension, a user generates a encryption capability of a set of attributes, then sends the capability to a encryption proxy. Using this capability, the proxy can encrypt arbitrary message with these attributes without knowing anything about these attributes. We give a concrete construction from a predicate encryption scheme which supports the widest range of predicate known to date. Then, using our extension, we are able to construct an anonymous authentication scheme. In our anonymous authentication scheme, authentication rules can be described in an very expressive way, while the anonymity of user is protected and the authentication rules are also hidden.
- Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone- Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205--222. Springer, Heidelberg (2005) Google ScholarDigital Library
- Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G. R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, Springer, Heidelberg (1985) Google ScholarDigital Library
- Boyen, X., Waters, B.: Anonymous hierarchical identity-based encryption (without random oracles). In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, Springer, Heidelberg (2006) Google ScholarDigital Library
- Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for finegrained access control of encrypted data. In: ACM CCCS (2006) Google ScholarDigital Library
- Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. Cryptology ePrint Archive, Report 2007/404Google Scholar
- Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: STOC, pp. 427--437 (1990) Google ScholarDigital Library
- Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with nonmonotonic access structures. In: ACM CCCS (2007) Google ScholarDigital Library
- Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. J. F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, Springer, Heidelberg (2005) Google ScholarDigital Library
- Shi, E., Bethencourt, J., Chan, H. T.-H., Song, D. X., Perrig, A.: Multi-dimensional range queries over encrypted data. In: IEEE Symposium on Security and Privacy (2007) Google ScholarDigital Library
- Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy (2007) Google ScholarDigital Library
- D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030--1044, Oct. 1985. Google ScholarDigital Library
- A. Lysyanskaya, R. Rivest, A. Sahai, and S. Wolf. Pseudonym systems. In SAC, vol. 1758, p. 184--199, 1999. Google ScholarDigital Library
- J. Camenisch and A. Lysyanskaya. Signature schemes and anonymous credentials from bilinear maps. In CRYPTO 2004, volume 3152 of LNCS, p. 56--72, 2004.Google ScholarCross Ref
- Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, Springer, Heidelberg (2004)Google Scholar
- Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public-key encryption with keyword search. In: Cachin, C., Camenisch, J. L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, Springer, Heidelberg (2004)Google Scholar
- Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Computing 32(3), 586--615 (2003) Google ScholarDigital Library
- Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Theory of Cryptography Conference (2007) Google ScholarDigital Library
- Shi, E., Waters, B.: Delegating Capabilities in Predicate Encryption Systems. Proceedings of ICALP, 2008 Google ScholarDigital Library
Index Terms
- Delegate predicate encryption and its application to anonymous authentication
Recommendations
Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications SecurityAnonymous authentication allows one to authenticate herself without revealing her identity, and becomes an important technique for constructing privacy-preserving Internet connections. Anonymous password authentication is highly desirable as it enables ...
Self-updatable encryption
Revocation and key evolving paradigms are central issues in cryptography, and in PKI in particular. A novel concern related to these areas was raised in the recent work of Sahai, Seyalioglu, and Waters (CRYPTO 2012) who noticed that revoking past keys ...
Certificate-free ad hoc anonymous authentication
There is an increasing demand of ad hoc anonymous authentication (AHAA) to secure communications between ad hoc group members while preserving privacy for the members. The main obstacles in AHAA is that it is difficult to deploy traditional public-key ...
Comments