Privacy-Preserving Policy-Based Information Transfer

  • Emiliano De Cristofaro
  • Stanislaw Jarecki
  • Jihye Kim
  • Gene Tsudik
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5672)


As the global society becomes more interconnected and more privacy-conscious, communication protocols must balance access control with protecting participants’ privacy. A common current scenario involves an authorized party (client) who needs to retrieve sensitive information held by another party (server) such that: (1) the former only gets the information for which it is duly authorized, (2) the latter does not learn what information information is retrieved. To address this scenario, in this paper, we introduce and explore the concept of Privacy-preserving Policy-based Information Transfer (PPIT). We construct three PPIT schemes based, respectively, on: RSA, Schnorr and IBE techniques. We then investigate various performance improvements and demonstrate the practicality of proposed PPIT schemes.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-Privacy in Public-Key Encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566–582. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key Encryption with Keyword Search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004)Google Scholar
  3. 3.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the weil pairing. SIAM Journal of Computing 32(3), 586–615 (2003)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Boyen, X., Waters, B.: Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles). In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 290–307. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Bradshaw, R., Holt, J., Seamons, K.: Concealing complex policies with hidden credentials. In: CCS 2004, pp. 146–157 (2004)Google Scholar
  6. 6.
    Castelluccia, C., Jarecki, S., Tsudik, G.: Secret Handshakes from CA-Oblivious Encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)Google Scholar
  7. 7.
    Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. Journal of the ACM (JACM) 45(6), 965–981 (1998)MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)MATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 1–19. Springer, Heidelberg (2004)Google Scholar
  11. 11.
    Gertner, Y., Ishai, Y., Kushilevitz, E., Malkin, T.: Protecting data privacy in private information retrieval schemes. In: STOC 1998, pp. 151–160 (1998)Google Scholar
  12. 12.
    Hazay, C., Lindell, Y.: Efficient protocols for set intersection and pattern matching with security against malicious and covert adversaries. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 155–175. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  13. 13.
    Jarecki, S., Liu, X.: Efficient Oblivious Pseudorandom Function with Applications to Adaptive OT and Secure Computation of Set Intersection. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 577–594. Springer, Heidelberg (2009)Google Scholar
  14. 14.
    Li, N., Du, W., Boneh, D.: Oblivious signature-based envelope. Distributed Computing 17(4), 293–302 (2005)CrossRefGoogle Scholar
  15. 15.
    Lynn, B.: PBC: The Pairing-Based Cryptography Library,
  16. 16.
    Naor, M., Pinkas, B.: Oblivious Transfer and Polynomial Evaluation. In: STOC 1999, pp. 245–254 (1999)Google Scholar
  17. 17.
    Nasserian, S., Tsudik, G.: Revisiting oblivious signature-based envelopes. In: Financial Cryptography 2006, pp. 221–235 (2006)Google Scholar
  18. 18.
    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)Google Scholar
  19. 19.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)MATHCrossRefMathSciNetGoogle Scholar
  20. 20.
    Schnorr, C.: Efficient signature generation by smart cards. Journal of Cryptology 4(3), 161–174 (1991)MATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Waters, B., Balfanz, D., Durfee, G., Smetters, D.: Building an encrypted and searchable audit log. In: NDSS 2004 (2004)Google Scholar
  22. 22.
    Yao, A.: Protocols for secure computations. In: FOCS 1982, pp. 160–164 (1982)Google Scholar
  23. 23.
    Young, E., Hudson, T.: OpenSSL: The Open Source toolkit for SSL/TLS,

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Emiliano De Cristofaro
    • 1
  • Stanislaw Jarecki
    • 1
  • Jihye Kim
    • 2
  • Gene Tsudik
    • 1
  1. 1.Computer Science DepartmentUniversity of CaliforniaIrvine
  2. 2.Department of Mathematical SciencesSeoul National University 

Personalised recommendations