| Reference : Unlinkable Updatable Databases and Oblivious Transfer with Access Control |
| Scientific congresses, symposiums and conference proceedings : Paper published in a book | |||
| Engineering, computing & technology : Computer science | |||
| Security, Reliability and Trust | |||
| http://hdl.handle.net/10993/43250 | |||
| Unlinkable Updatable Databases and Oblivious Transfer with Access Control | |
| English | |
| Damodaran, Aditya Shyam Shankar [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >] | |
Rial, Alfredo  [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >] | |
| 2020 | |
| 25th Australasian Conference on Information Security and Privacy | |
| Yes | |
| ACISP 2020 | |
| From 25-11-2020 to 27-11-2020 | |
| [en] Vector commitments ; bilinear maps ; universal composability | |
| [en] An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency.
We propose an UC-secure OTAC that addresses the aforementioned shortcomings. Our OTAC uses as building blocks the ideal functionalities for OT, for zero-knowledge (ZK) and for an \emph{unlinkable updatable database} ($\UUD$), which we define and construct. $\UUD$ is a protocol between an updater $\fuudUpdater$ and multiple readers $\fuudReader_k$. $\fuudUpdater$ sets up a database and updates it. $\fuudReader_k$ can read the database by computing UC ZK proofs of an entry in the database, without disclosing what entry is read. In our OTAC, $\UUD$ is used to store and read the policies. We construct an $\UUD$ based on subvector commitments (SVC). We extend the definition of SVC with update algorithms for commitments and openings, and we provide an UC ZK proof of a subvector. Our efficiency analysis shows that our $\UUD$ is practical. | |
| http://hdl.handle.net/10993/43250 | |
| FnR ; FNR11650748 > Alfredo Rial > SZK > Stateful Zero-Knowledge > 01/03/2018 > 28/02/2021 > 2017 |
| File(s) associated to this reference | ||||||||||||||
|
Fulltext file(s):
| ||||||||||||||
All documents in ORBilu are protected by a user license.
