References of "Rial Duran, Alfredo 50021916"
UC Priced Oblivious Transfer with Purchase Statistics and Dynamic Pricing
Damodaran, Aditya Shyam Shankar UL; Dubovitskaya, Maria; Rial Duran, Alfredo UL

E-print/Working paper (2019)

Priced oblivious transfer (POT) is a cryptographic protocol that can be used to protect customer privacy in e-commerce applications. Namely, it allows a buyer to purchase an item from a seller without disclosing to the latter which item was purchased and at which price. Unfortunately, existing POT schemes have some drawbacks in terms of design and functionality. First, the design of existing POT schemes is not modular. Typically, a POT scheme extends a k-out-of-N oblivious transfer (OT) scheme by adding prices to the items. However, all POT schemes do not use OT as a blackbox building block with certain security guarantees. Consequently, security of the OT scheme needs to be reanalyzed while proving security of the POT scheme, and it is not possible to swap the underlying OT scheme with any other OT scheme. Second, existing POT schemes do not allow the seller to obtain any kind of statistics about the buyer's purchases, which hinders customer and sales management. Moreover, the seller is not able to change the prices of items without restarting the protocol from scratch. We propose a POT scheme that addresses the aforementioned drawbacks. We prove the security of our POT in the UC framework. We modify a standard POT functionality to allow the seller to receive aggregate statistics about the buyer's purchases and to change prices dynamically. We present a modular construction for POT that realizes our functionality in the hybrid model. One of the building blocks is an ideal functionality for OT. Therefore, our protocol separates the tasks carried out by the underlying OT scheme from the additional tasks needed by a POT scheme. Thanks to that, our protocol is a good example of modular design and can be instantiated with any secure OT scheme as well as other building blocks without reanalyzing security from scratch.

Concise UC Zero-Knowledge Proofs for Oblivious Updatable Databases
Camenisch, Jan; Dubovitskaya, Maria; Rial Duran, Alfredo UL

E-print/Working paper (2019)

We propose an ideal functionality $\Functionality_{\COMD}$ and a construction for oblivious and updatable committed databases. $\Functionality_{\COMD}$ allows a prover to read, write, and update values in a database and to prove to a verifier in zero-knowledge that a value is read from or written into a certain position. The following properties must hold: (1) values stored in the database remain hidden from the verifier; (2) a value read from a certain position is equal to the value previously written into that position; (3) (obliviousness) both the value read or written and its position remain hidden from the verifier. We describe a construction for $\Functionality_{\COMD}$ based on vector commitments. After the initialization phase, the cost of zero-knowledge proofs for reading and writing is independent of the database size, outperforming other techniques that achieve cost sublinear in the dataset size for prover and/or verifier. Therefore, our construction is especially appealing for cases with large datasets. Finally, we show how to use $\Functionality_{\COMD}$ as a building block in "commit-and-prove" two-party protocols, i.e. protocols where the prover commits to her inputs and subsequently proves in zero-knowledge statements about the committed values. In comparison to simply using commitment schemes, our construction allows the prover to hide positions read or written efficiently, which is useful to design protocols for e.g. cloud-based services, blockchain, privacy-preserving location sharing services and e-commerce, and efficient OR proofs.

UC Updatable Non-Hiding Committed Database with Efficient Zero-Knowledge Proofs
Rial Duran, Alfredo UL

E-print/Working paper (2019)

We define an ideal functionality $\Functionality_{\DB}$ and a protocol $\mathrm{\Pi_{\DB}}$ for an updatable non-hiding committed database ($\DB$). $\DB$ is described as the task of storing a database into a suitable data structure that allows you to efficiently prove in zero-knowledge (ZK) that a value is stored in the database at a certain position. The database is \emph{non-hiding} because both prover and verifier know its content. It is \emph{committed} in the sense that only ZK proofs about position-value pairs that are actually stored are possible. It is \emph{updatable} because its contents can be modified dynamically throughout the protocol execution. The $\DB$ task is used implicitly as building block of privacy-preserving protocols for e-commerce, smart billing and access control. In those protocols, this task is intertwined with others. Our functionality $\Functionality_{\DB}$ allows us to study constructions for this task in isolation. Furthermore, it allows us to improve modularity in protocol design, by using $\Functionality_{\DB}$ as building block of those protocols along with functionalities for other tasks. Our construction $\mathrm{\Pi_{\DB}}$ uses a non-hiding vector commitment (VC) scheme as building block. Thanks to the efficiency properties of non-hiding VC schemes, $\mathrm{\Pi_{\DB}}$ provides ZK proofs whose computation cost (after initialization) and whose size are both independent of the database size. Therefore, $\mathrm{\Pi_{\DB}}$ is suitable for large databases. Moreover, the database can be updated dynamically and very efficiently.

Peer Reviewed
Using Selene to Verify your Vote in JCJ
Iovino, Vincenzo UL; Rial Duran, Alfredo UL; Roenne, Peter UL et al

in Workshop on Advances in Secure Electronic Voting (VOTING'17) (2017, April 07)

Peer Reviewed
Private Mobile Pay-TV From Priced Oblivious Transfer
Biesmans, Wouter; Balasch, Josep; Rial Duran, Alfredo UL et al

in IEEE Transactions on Information Forensics & Security (2017)

In pay-TV, a service provider offers TV programs and channels to users. To ensure that only authorized users gain access, conditional access systems (CAS) have been proposed. In existing CAS, users disclose to the service provider the TV programs and channels they purchase. We propose a pay-per-view and a pay-per-channel CAS that protect users' privacy. Our pay-per-view CAS employs priced oblivious transfer (POT) to allow a user to purchase TV programs without disclosing which programs were bought to the service provider. In our pay-per-channel CAS, POT is employed together with broadcast attribute-based encryption (BABE) to achieve low storage overhead, collusion resistance, efficient revocation and broadcast efficiency. We propose a new POT scheme and show its feasibility by implementing and testing our CAS on a representative mobile platform.

Peer Reviewed
Issuer-Free Oblivious Transfer with Access Control Revisited
Rial Duran, Alfredo UL

in Information Processing Letters (2017)

Oblivious transfer with access control (OTAC) is an extension of oblivious transfer where each message is associated with an access control policy. A receiver can obtain a message only if her attributes satisfy the access control policy for that message. In most schemes, the receiver's attributes are certified by an issuer. Recently, two Issuer-Free OTAC protocols have been proposed. We show that the security definition for Issuer-Free OTAC fulfilled by those schemes poses a problem. Namely, the sender is not able to attest whether a receiver possesses a claimed attribute. Because of this problem, in both Issuer-Free OTAC protocols, any malicious receiver can obtain any message from the sender, regardless of the access control policy associated with the message. To address this problem, we propose a new security definition for Issuer-Free OTAC. Our definition requires the receiver to prove in zero-knowledge to the sender that her attributes fulfill some predicates. Our definition is suitable for settings with multiple issuers because it allows the design of OTAC protocols where the receiver, when accessing a record, can hide the identity of the issuer that certified her attributes.
