A Construction for General and Efficient Oblivious Commitment Based Envelope Protocols

  • Jiangtao Li
  • Ninghui Li
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4307)


The notion of Oblivious Commitment Based Envelope (OCBE) was recently proposed; it enables attribute-based access control without revealing any information about the attributes. Previous OCBE protocols are designed by taking zero-knowledge proof protocols that prove a committed value satisfies some property and changing the protocols so that instead of one party proving to the other party, the two parties compute two keys that agree if and only if the committed value indeed satisfy the property. In this paper, we introduce a more general approach for designing OCBE protocols that uses zero-knowledge proof protocols in a black-box fashion. We present a construction such that given a zero-knowledge proof protocol that proves a committed value satisfies a predicate, we have an OCBE protocol for that predicate with constant additional cost. Compared with previous OCBE protocols, our construction is more general, more efficient, and has wide applicability.


Random Oracle Access Control Policy Commitment Scheme Random Oracle Model Oblivious Transfer 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bagga, W., Molva, R.: Policy-based cryptography and applications. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 72–87. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Balfanz, D., Durfee, G., Shankar, N., Smetters, D., Staddon, J., Hao-Chi, W.: Secret handshakes from pairing-based key agreements. In: Proceedings of the IEEE Symposium and Security and Privacy, May 2003, pp. 180–196 (2003)Google Scholar
  3. 3.
    Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)Google Scholar
  4. 4.
    Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  6. 6.
    Boudot, F.: Efficient proofs that a committed number lies in an interval. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 431–444. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Bradshaw, R., Holt, J., Seamons, K.: Concealing complex policies with hidden credentials. In: Proceedings of 11th ACM Conference on Computer and Communications Security, October 2004, pp. 146–157 (2004)Google Scholar
  8. 8.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Castelluccia, C., Jarecki, S., Tsudik, G.: Secret handshakes from CA-oblivious encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Cramer, R., Shoup, V.: Signature schemes based on the strong RSA assumption. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 46–51. ACM Press, New York (1999)CrossRefGoogle Scholar
  11. 11.
    Crampton, J., Loizou, G.: Administrative scope and role hierarchy operations. In: Proceedings of 7th ACM Symposium on Access Control Models and Technologies, June 2002, pp. 145–154 (2002)Google Scholar
  12. 12.
    Crépeau, C.: Verifiable disclosure of secrets and applications (abstract). In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 150–154. Springer, Heidelberg (1990)Google Scholar
  13. 13.
    Di Crescenzo, G., Ostrovsky, R., Rajagopalan, S.: Conditional oblivious transfer and timed-release encryption. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 74–89. Springer, Heidelberg (1999)Google Scholar
  14. 14.
    Damgård, I., Fujisaki, E.: An integer commitment scheme based on groups with hidden order. In: ASIACRYPT 2002. LNCS, vol. 2501, pp. 125–142. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in ad hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Frikken, K.B., Atallah, M.J., Li, J.: Hidden access control policies with hidden credentials. In: Proceedings of the 3rd ACM Workshop on Privacy in the Electronic Society (October 2004)Google Scholar
  17. 17.
    Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)Google Scholar
  18. 18.
    Garay, J., MacKenzie, P., Yang, K.: Efficient and universally composable committed oblivious transfer and applications. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 297–316. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Holt, J.E., Bradshaw, R.W., Seamons, K.E., Orman, H.: Hidden credentials. In: Proceedings of the 2nd ACM Workshop on Privacy in the Electronic Society, October 2003, pp. 1–8 (2003)Google Scholar
  20. 20.
    Li, J., Li, N.: OACerts: Oblivious attribute certificates. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 301–317. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Li, J., Li, N.: Policy-hiding access control in open environment. In: Proceedings of the 24nd ACM Symposium on Principles of Distributed Computing, pp. 29–38. ACM Press, New York (2005)Google Scholar
  22. 22.
    Li, J., Li, N., Winsborough, W.H.: Automated trust negotiation using cryptographic credentials. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 46–57. ACM Press, New York (2005)CrossRefGoogle Scholar
  23. 23.
    Li, N., Du, W., Boneh, D.: Oblivious signature-based envelope. In: Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing, pp. 182–189. ACM Press, New York (2003)Google Scholar
  24. 24.
    Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  25. 25.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  26. 26.
    Rabin, M.O.: How to exchange secrets by oblivious transfer. Technical Report Memo TR-81, Aiken Computation Laboratory, Harvard University (1981)Google Scholar
  27. 27.
    Smart, N.: Access control using pairing based cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 111–121. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  28. 28.
    Winsborough, W.H., Li, N.: Safety in automated trust negotiation. In: Proceedings of the IEEE Symposium on Security and Privacy, May 2004, pp. 147–160 (2004)Google Scholar
  29. 29.
    Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition, vol. I, pp. 88–102. IEEE Press, Los Alamitos (2000)Google Scholar
  30. 30.
    Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security 6(1), 1–42 (2003)MATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jiangtao Li
    • 1
  • Ninghui Li
    • 2
  1. 1.Intel CorporationHillsboro
  2. 2.Department of Computer SciencePurdue UniversityWest Lafayette

Personalised recommendations