Reference : Unlinkable Updatable Databases and Oblivious Transfer with Access Control
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
Unlinkable Updatable Databases and Oblivious Transfer with Access Control
Damodaran, Aditya Shyam Shankar [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Rial, Alfredo mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
25th Australasian Conference on Information Security and Privacy
ACISP 2020
From 25-11-2020 to 27-11-2020
[en] Vector commitments ; bilinear maps ; universal composability
[en] An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency.

We propose an UC-secure OTAC that addresses the aforementioned shortcomings. Our OTAC uses as building blocks the ideal functionalities for OT, for zero-knowledge (ZK) and for an \emph{unlinkable updatable database} ($\UUD$), which we define and construct. $\UUD$ is a protocol between an updater $\fuudUpdater$ and multiple readers $\fuudReader_k$. $\fuudUpdater$ sets up a database and updates it. $\fuudReader_k$ can read the database by computing UC ZK proofs of an entry in the database, without disclosing what entry is read. In our OTAC, $\UUD$ is used to store and read the policies.

We construct an $\UUD$ based on subvector commitments (SVC). We extend the definition of SVC with update algorithms for commitments and openings, and we provide an UC ZK proof of a subvector. Our efficiency analysis shows that our $\UUD$ is practical.
FnR ; FNR11650748 > Alfredo Rial > SZK > Stateful Zero-Knowledge > 01/03/2018 > 28/02/2021 > 2017

File(s) associated to this reference

Fulltext file(s):

Open access
main.pdfAuthor postprint584.69 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.