Unlinkable Updatable Databases and Oblivious Transfer with Access Control

Damodaran, Aditya Shyam Shankar; Rial, Alfredo

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Unlinkable Updatable Databases and Oblivious Transfer with Access Control

Damodaran, Aditya Shyam Shankar; Rial, Alfredo

2020 • In 25th Australasian Conference on Information Security and Privacy

Peer reviewed

Permalink
https://hdl.handle.net/10993/43250

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

main.pdf

Author postprint (598.72 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Vector commitments; bilinear maps; universal composability

Abstract :

[en] An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency. We propose an UC-secure OTAC that addresses the aforementioned shortcomings. Our OTAC uses as building blocks the ideal functionalities for OT, for zero-knowledge (ZK) and for an \emph{unlinkable updatable database} ($\UUD$), which we define and construct. $\UUD$ is a protocol between an updater $\fuudUpdater$ and multiple readers $\fuudReader_k$. $\fuudUpdater$ sets up a database and updates it. $\fuudReader_k$ can read the database by computing UC ZK proofs of an entry in the database, without disclosing what entry is read. In our OTAC, $\UUD$ is used to store and read the policies. We construct an $\UUD$ based on subvector commitments (SVC). We extend the definition of SVC with update algorithms for commitments and openings, and we provide an UC ZK proof of a subvector. Our efficiency analysis shows that our $\UUD$ is practical.

Disciplines :

Computer science

Author, co-author :

Damodaran, Aditya Shyam Shankar ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Rial, Alfredo ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

Language :

English

Title :

Unlinkable Updatable Databases and Oblivious Transfer with Access Control

Publication date :

2020

Event name :

ACISP 2020

Event date :

From 25-11-2020 to 27-11-2020

Main work title :

25th Australasian Conference on Information Security and Privacy

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

FnR Project :

FNR11650748 - Stateful Zero-knowledge, 2017 (01/03/2018-28/02/2021) - Alfredo Rial

Available on ORBilu :

since 24 May 2020

Statistics

Number of views

269 (68 by Unilu)

Number of downloads

296 (45 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

Abe, M., Camenisch, J., Dubovitskaya, M., Nishimaki, R.: Universally composable adaptive oblivious transfer (with access control) from standard assumptions. In: DIM 2013, Proceedings of the 2013 ACM Workshop on Digital Identity Management, pp. 1–12 (2013)
Abe, M., Groth, J., Haralambiev, K., Ohkubo, M.: Optimal structure-preserving signatures in asymmetric bilinear groups. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 649–666. Springer, Heidelberg (2011). https://doi.org/10. 1007/978-3-642-22792-9 37
Aiello, B., Ishai, Y., Reingold, O.: Priced oblivious transfer: how to sell digital goods. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 119–135. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6 8
Akinyele, J.A., et al.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3(2), 111–128 (2013)
Blazy, O., Chevalier, C., Germouty, P.: Adaptive oblivious transfer and generalization. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 217– 247. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53890-6 8
Boneh, D., Bünz, B., Fisch, B.: Batching techniques for accumulators with applications to IOPs and stateless blockchains. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 561–586. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7 20
Camenisch, J., Dubovitskaya, M., Enderlein, R.R., Neven, G.: Oblivious transfer with hidden access control from attribute-based encryption. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 559–579. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32928-9 31
Camenisch, J., Dubovitskaya, M., Neven, G.: Oblivious transfer with access control. In: ACM Conference on Computer and Communications Security, CCS 2009, pp. 131–140 (2009)
Camenisch, J., Dubovitskaya, M., Neven, G.: Unlinkable priced oblivious transfer with rechargeable wallets. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 66–81. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14577-3 8
Camenisch, J., Dubovitskaya, M., Neven, G., Zaverucha, G.M.: Oblivious transfer with hidden access control policies. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 192–209. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8 12
Camenisch, J., Dubovitskaya, M., Rial, A.: UC commitments for modular protocol design and applications to revocation and attribute tokens. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 208–239. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3 8
Camenisch, J., Krenn, S., Shoup, V.: A framework for practical universally composable zero-knowledge protocols. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 449–467. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0 24
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS 2001, pp. 136–145 (2001)
Catalano, D., Fiore, D.: Vector commitments and their applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 55–72. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7 5
Coull, S., Green, M., Hohenberger, S.: Controlling access to an oblivious database using stateful anonymous credentials. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 501–520. Springer, Heidelberg (2009). https://doi.org/10. 1007/978-3-642-00468-1 28
Damodaran, A., Dubovitskaya, M., Rial, A.: UC priced oblivious transfer with purchase statistics and dynamic pricing. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) INDOCRYPT 2019. LNCS, vol. 11898, pp. 273–296. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-35423-7 14
Damodaran, A., Rial, A.: UC updatable databases and applications. In: Nitaj, A., Youssef, A. (eds.) AFRICACRYPT 2020. LNCS, vol. 12174, pp. 66–87. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-51938-4 4
Damodaran, A., Rial, A.: Unlinkable updatable databases and oblivious transfer with access control. http://hdl.handle.net/10993/43250
Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8 11
Lai, R.W.F., Malavolta, G.: Subvector commitments with application to succinct arguments. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 530–560. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7 19
Libert, B., Ling, S., Mouhartem, F., Nguyen, K., Wang, H.: Adaptive oblivious transfer with access control from lattice assumptions. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 533–563. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8 19
Libert, B., Ramanna, S.C., Yung, M.: Functional commitment schemes: from polynomial commitments to pairing-based accumulators from simple assumptions. In: ICALP 2016, pp. 30:1–30:14 (2016)
Libert, B., Yung, M.: Concise mercurial vector commitments and independent zero-knowledge sets with short proofs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 499–517. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11799-2 30
Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1 9
Rial, A.: Blind attribute-based encryption and oblivious transfer with fine-grained access control. Des. Codes Crypt. 81(2), 179–223 (2015). https://doi.org/10.1007/s10623-015-0134-y
Rial, A., Kohlweiss, M., Preneel, B.: Universally composable adaptive priced oblivious transfer. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 231–247. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03298-1 15
Wikström, D.: A universally composable mix-net. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 317–335. Springer, Heidelberg (2004). https://doi.org/10. 1007/978-3-540-24638-1 18
Xu, L., Zhang, F.: Oblivious transfer with threshold access control. J. Inf. Sci. Eng. 28(3), 555–570 (2012)
Xu, L., Zhang, F.: Oblivious transfer with complex attribute-based access control. In: Rhee, K.-H., Nyang, D.H. (eds.) ICISC 2010. LNCS, vol. 6829, pp. 370–395. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24209-0 25
Zhang, Y., et al.: Oblivious transfer with access control: realizing disjunction without duplication. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 96–115. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17455-1 7