Reference : Unlinkable Updatable Databases and Oblivious Transfer with Access Control
 Document type : Scientific congresses, symposiums and conference proceedings : Paper published in a book Discipline(s) : Engineering, computing & technology : Computer science Focus Areas : Security, Reliability and Trust To cite this reference: http://hdl.handle.net/10993/43250
 Title : Unlinkable Updatable Databases and Oblivious Transfer with Access Control Language : English Author, co-author : Damodaran, Aditya Shyam Shankar [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >] Rial, Alfredo [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >] Publication date : 2020 Main document title : 25th Australasian Conference on Information Security and Privacy Peer reviewed : Yes Event name : ACISP 2020 Event date : From 25-11-2020 to 27-11-2020 Keywords : [en] Vector commitments ; bilinear maps ; universal composability Abstract : [en] An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency. We propose an UC-secure OTAC that addresses the aforementioned shortcomings. Our OTAC uses as building blocks the ideal functionalities for OT, for zero-knowledge (ZK) and for an \emph{unlinkable updatable database} ($\UUD$), which we define and construct. $\UUD$ is a protocol between an updater $\fuudUpdater$ and multiple readers $\fuudReader_k$. $\fuudUpdater$ sets up a database and updates it. $\fuudReader_k$ can read the database by computing UC ZK proofs of an entry in the database, without disclosing what entry is read. In our OTAC, $\UUD$ is used to store and read the policies. We construct an $\UUD$ based on subvector commitments (SVC). We extend the definition of SVC with update algorithms for commitments and openings, and we provide an UC ZK proof of a subvector. Our efficiency analysis shows that our $\UUD$ is practical. Permalink : http://hdl.handle.net/10993/43250 FnR project : FnR ; FNR11650748 > Alfredo Rial > SZK > Stateful Zero-Knowledge > 01/03/2018 > 28/02/2021 > 2017

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
main.pdfAuthor postprint584.69 kBView/Open

All documents in ORBilu are protected by a user license.