
Blind attribute-based encryption and oblivious transfer with fine-grained access control

Published in: Designs, Codes and Cryptography

Abstract

We propose two constructions of oblivious transfer with access control (OTAC), i.e., oblivious transfer schemes in which a receiver can obtain a message only if her attributes, which are certified by a credential issuer, satisfy the access control policy of that message. The receiver remains anonymous towards the sender, and the receiver’s attributes are not disclosed to the sender. Our constructions are based on any ciphertext-policy attribute-based encryption (\(\mathrm {CPABE}\)) scheme that fulfills the committing and key separation properties, which we define. We also provide a committing \(\mathrm {CPABE}\) with key separation scheme that supports any policy described by a monotone access structure, which, in comparison to previous work, allows our OTAC construction to efficiently support a wider variety of access control policies. In our constructions, a receiver obtains from the sender a \(\mathrm {CPABE}\) secret key for her attributes by using a blind key extraction with access control protocol. We provide a blind key extraction with access control protocol for any committing \(\mathrm {CPABE}\) with key separation scheme. Previous work only provided ad-hoc constructions of blind key extraction protocols. Our generic protocol works in a hybrid model that employs novel ideal functionalities for oblivious transfer and for anonymous attribute authentication. We propose constructions that realize those novel ideal functionalities and analyze the overall efficiency of our OTAC constructions.
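As an added illustration, not code from the paper: the threshold-tree secret sharing that lets a \(\mathrm {CPABE}\) ciphertext bind a message key to a monotone access structure, so that only an attribute set satisfying the policy can recover the secret. The policy encoding and the field modulus are constructed choices for this example.

```python
import secrets
# Added example (not the paper's code): linear secret sharing over a threshold
# access tree, the mechanism CP-ABE uses to tie a message key to a monotone
# access structure. Node = attribute string (leaf) or (k, [children]) meaning
# "at least k of these children": AND over n children is (n, [...]), OR is (1, [...]).
P = (1 << 127) - 1  # prime field modulus (constructed choice for this example)

def _lagrange_at_zero(points):
    """Evaluate at 0 the polynomial through points=[(x, y)], modulo P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def share(secret, node):
    """Split secret down the tree; returns [(attribute, share)] in DFS leaf order."""
    if isinstance(node, str):
        return [(node, secret % P)]
    k, children = node
    # Random polynomial q of degree k-1 with q(0) = secret; child x receives q(x).
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    out = []
    for x, child in enumerate(children, start=1):
        out += share(sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P, child)
    return out

def _recover(node, attrs, shares, pos):
    """Return (value or None, next leaf position); value is set only if attrs satisfy node."""
    if isinstance(node, str):
        attr, s = shares[pos]
        return (s if attr in attrs else None), pos + 1
    k, children = node
    points = []
    for x, child in enumerate(children, start=1):
        val, pos = _recover(child, attrs, shares, pos)
        if val is not None:
            points.append((x, val))
    if len(points) < k:          # gate not satisfied: nothing to interpolate
        return None, pos
    return _lagrange_at_zero(points[:k]), pos

def reconstruct(policy, attrs, shares):
    """Recover the secret from the shares held for attrs, or None if the policy is unmet."""
    return _recover(policy, attrs, shares, 0)[0]
```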


Notes

  1. The idea of using a commitment scheme for this purpose is taken from “UC Commitments, Revocation, and Attribute Tokens for Privacy-Preserving Protocol Design” by Jan Camenisch, Maria Dubovitskaya and Alfredo Rial.

  2. This construction encrypts messages in \({\mathbb {G}_{t}}\). As explained in [9], it is possible to hash the message into \({\mathbb {G}_{t}}\) or to extract a random pad from the element in the target group and use \(\oplus \) to encrypt the message.

References

  1. Abe M., Camenisch J., Dubovitskaya M., Nishimaki R.: Universally composable adaptive oblivious transfer (with access control) from standard assumptions. In: Proceedings of the 2013 ACM Workshop on Digital Identity Management, pp. 1–12. ACM, Berlin (2013).

  2. Au M.H., Susilo W., Mu Y.: Constant-size dynamic k-TAA. In: Prisco R.D., Yung M. (eds.) SCN. Lecture Notes in Computer Science, vol. 4116, pp. 111–125. Springer, Heidelberg (2006).

  3. Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society, Washington, DC (2007).

  4. Camenisch J., Stadler M.: Proof systems for general statements about discrete logarithms. Technical Report TR 260. Institute for Theoretical Computer Science, ETH Zürich (1997).

  5. Camenisch J., Dubovitskaya M., Enderlein R.R., Neven G.: Oblivious transfer with hidden access control from attribute-based encryption. In: Visconti I., Prisco R.D. (eds.) SCN. Lecture Notes in Computer Science, vol. 7485, pp. 559–579. Springer, Berlin (2012).

  6. Camenisch J., Dubovitskaya M., Neven G.: Oblivious transfer with access control. In: Al-Shaer E., Jha S., Keromytis A.D. (eds.) ACM Conference on Computer and Communications Security, pp. 131–140. ACM, New York (2009).

  7. Camenisch J., Dubovitskaya M., Neven G., Zaverucha G.M.: Oblivious transfer with hidden access control policies. In: Catalano D., Fazio N., Gennaro R., Nicolosi A. (eds.) Public Key Cryptography. Lecture Notes in Computer Science, vol. 6571, pp. 192–209. Springer, Berlin (2011).

  8. Camenisch J., Lehmann A., Neven G., Rial A.: Privacy-preserving auditing for attribute-based credentials. In: Computer Security—ESORICS 2014, pp. 109–127. Springer, Cham (2014).

  9. Camenisch J., Neven G., Shelat A.: Simulatable adaptive oblivious transfer. In: Naor M. (ed.) Advances in Cryptology—EUROCRYPT 2007. Proceedings 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Barcelona, Spain, 20–24 May 2007. Lecture Notes in Computer Science, vol. 4515, pp. 573–590. Springer, Heidelberg (2007).

  10. Canetti R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS, pp. 136–145. IEEE Computer Society, Washington, DC (2001).

  11. Coull S.E., Green M., Hohenberger S.: Controlling access to an oblivious database using stateful anonymous credentials. In: Jarecki S., Tsudik G. (eds.) Public Key Cryptography. Lecture Notes in Computer Science, vol. 5443, pp. 501–520. Springer, Heidelberg (2009).

  12. Faust S., Kohlweiss M., Marson G.A., Venturi D.: On the non-malleability of the Fiat–Shamir transform. In: Progress in Cryptology—INDOCRYPT 2012, pp. 60–79. Springer, Heidelberg (2012).

  13. Fiat A., Shamir A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko A.M. (ed.) CRYPTO ’86. Lecture Notes in Computer Science, vol. 263, pp. 186–194. Springer, Heidelberg (1987).

  14. Goldwasser S., Micali S., Rivest R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17, 281–308 (1988).

  15. Green M., Hohenberger S.: Blind identity-based encryption and simulatable oblivious transfer. In: ASIACRYPT, pp. 265–282 (2007).

  16. Green M., Hohenberger S.: Blind identity-based encryption and simulatable oblivious transfer. In: Advances in Cryptology—ASIACRYPT 2007, pp. 265–282. Springer, Berlin (2007).

  17. Guleria V., Dutta R.: Issuer-free adaptive oblivious transfer with access policy. In: Information Security and Cryptology—ICISC 2014, pp. 402–418. Springer, Berlin (2014).

  18. Guleria V., Dutta R.: Universally composable identity based adaptive oblivious transfer with access control. In: Information Security and Cryptology, pp. 109–129. Springer, Beijing (2014).

  19. Han J., Susilo W., Mu Y., Yan J.: Attribute-based oblivious access control. Comput. J. 55, 1202–1215 (2012).

  20. Han J., Susilo W., Mu Y., Yan J.: Efficient oblivious transfers with access control. Comput. Math. Appl. 63, 827–837 (2012).

  21. Kohlweiss M., Faust S., Fritsch L., Gedrojc B., Preneel B.: Efficient oblivious augmented maps: location-based services with a payment broker. In: Borisov N., Golle P. (eds.) Privacy Enhancing Technologies. Lecture Notes in Computer Science, vol. 4776, pp. 77–94. Springer, Berlin (2007).

  22. Naor M., Pinkas B.: Oblivious transfer with adaptive queries. In: Wiener M.J. (ed.) CRYPTO. Lecture Notes in Computer Science, vol. 1666, pp. 573–590. Springer, Heidelberg (1999).

  23. Nishide T., Yoneyama K., Ohta K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin S.M., Gennaro R., Keromytis A.D., Yung M. (eds.) ACNS. Lecture Notes in Computer Science, vol. 5037, pp. 111–129 (2008).

  24. Pedersen T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum J. (ed.) CRYPTO. Lecture Notes in Computer Science, vol. 576, pp. 129–140. Springer, Heidelberg (1991).

  25. Rabin M.O.: How to Exchange Secrets by Oblivious Transfer. Harvard Aiken Computation Laboratory, Cambridge (1981).

  26. Rial A., Preneel B.: Blind attribute-based encryption and oblivious transfer with fine-grained access control. COSIC Technical Report (2010).

  27. Sahai A., Waters B.: Fuzzy identity-based encryption. In: Advances in Cryptology—EUROCRYPT 2005, pp. 457–473. Springer, New York (2005).

  28. Waters B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Public Key Cryptography—PKC 2011, pp. 53–70. Springer, Heidelberg (2011).

  29. Xu L., Zhang F.: Oblivious transfer with complex attribute-based access control. In: Information Security and Cryptology—ICISC 2010, pp. 370–395. Springer, Beijing (2011).

  30. Xu L.L., Zhang F.G.: Oblivious transfer with threshold access control. J. Inf. Sci. Eng. 28, 555–570 (2012).

  31. Xu L., Zhang F., Wen Y.: Oblivious transfer with access control and identity-based encryption with anonymous key issuing. J. Electron. (China) 28, 571–579 (2011).

  32. Zhang Y., Au M.H., Wong D.S., Huang Q., Mamoulis N., Cheung D.W., Yiu S.M.: Oblivious transfer with access control: realizing disjunction without duplication. In: Joye M., Miyaji A., Otsuka A. (eds.) Pairing. Lecture Notes in Computer Science, vol. 6487, pp. 96–115. Springer, Berlin (2010).


Acknowledgments

This work was supported by the European Commission’s Seventh Framework Programme under the FutureID project (Agreement #318424).

Corresponding author

Correspondence to Alfredo Rial.

Additional information

Communicated by C. Padro.

Cite this article

Rial, A. Blind attribute-based encryption and oblivious transfer with fine-grained access control. Des. Codes Cryptogr. 81, 179–223 (2016). https://doi.org/10.1007/s10623-015-0134-y
