Access Control Encryption: Enforcing Information Flow with Cryptography

  • Ivan Damgård
  • Helene HaaghEmail author
  • Claudio Orlandi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9986)


We initiate the study of Access Control Encryption (ACE), a novel cryptographic primitive that allows fine-grained access control, by giving different rights to different users not only in terms of which messages they are allowed to receive, but also which messages they are allowed to send.

Classical examples of security policies for information flow are the well known Bell-Lapadula [BL73] or Biba [Bib75] model: in a nutshell, the Bell-Lapadula model assigns roles to every user in the system (e.g., public, secret and top-secret). A users’ role specifies which messages the user is allowed to receive (i.e., the no read-up rule, meaning that users with public clearance should not be able to read messages marked as secret or top-secret) but also which messages the user is allowed to send (i.e., the no write-down rule, meaning that a malicious user with top-secret clearance should not be able to write messages marked as secret or public). To the best of our knowledge, no existing cryptographic primitive allows for even this simple form of access control, since no existing cryptographic primitive enforces any restriction on what kind of messages one should be able to encrypt. Our contributions are:
  • Introducing and formally defining access control encryption (ACE);

  • A construction of ACE with complexity linear in the number of the roles based on classic number theoretic assumptions (DDH, Paillier);

  • A construction of ACE with complexity polylogarithmic in the number of roles based on recent results on cryptographic obfuscation;


  1. [BFM88]
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2–4, 1988, Chicago, Illinois, USA, pp. 103–112 (1988)Google Scholar
  2. [Bib75]
    Biba, K.J.: Integrity considerations for secure computer systems. No. MTR-3153-REV-1. MITRE Corp., Bedford, MA (1975)Google Scholar
  3. [BL73]
    Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations. Draft MTR, The MITRE Corporation, 2 (1973)Google Scholar
  4. [BP03]
    Backes, M., Pfitzmann, B.: Intransitive non-interference for cryptographic purpose. In: 2003 IEEE Symposium on Security and Privacy (S&P 2003), 11–14 May 2003, Berkeley, CA, USA, p. 140 (2003)Google Scholar
  5. [BP04]
    Backes, M., Pfitzmann, B.: Computational probabilistic noninterference. Int. J. Inf. Sec. 3(1), 42–60 (2004)CrossRefGoogle Scholar
  6. [BSW11]
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. [DHO16]
    Damgård, I., Haagh, H., Orlandi, C.: Access control encryption: enforcing information flow with cryptography. Cryptology ePrint Archive, Report 2016/106 (2016).
  8. [DMS15]
    Dodis, Y., Mironov, I., Stephens-Davidowitz, N.: Message transmission with reverse firewalls—secure communication on corrupted machines. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 341–372. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53018-4_13 CrossRefGoogle Scholar
  9. [FAL06]
    Frikken, K., Atallah, M., Li, J.: Attribute-based access control with hidden policies and hidden credentials. IEEE Trans. Comput. 55(10), 1259–1270 (2006)CrossRefGoogle Scholar
  10. [FF15]
    Fehr, V., Fischlin, M.: Sanitizable signcryption: Sanitization over encrypted data (full version). IACR Cryptology ePrint Archive, 2015:765 (2015)Google Scholar
  11. [FFLW15]
    Ferrara, A.L., Fuchsbauer, G., Liu, B., Warinschi, B.: Policy privacy in cryptographic access control. In: IEEE 28th Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13–17 July, 2015, pp. 46–60 (2015)Google Scholar
  12. [Gam85]
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inform. Theory 31(4), 469–472 (1985)MathSciNetCrossRefGoogle Scholar
  13. [GGH+13]
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, 26–29 October 2013, Berkeley, CA, USA, pp. 40–49 (2013)Google Scholar
  14. [GJJS04]
    Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24660-2_14 CrossRefGoogle Scholar
  15. [GPSW06]
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, October 30 - November 3, 2006, pp. 89–98 (2006)Google Scholar
  16. [HKN05]
    Halevi, S., Karger, P.A., Naor, D.: Enforcing confinement in distributed storage and a cryptographic model for access control. IACR Cryptology ePrint Archive 2005:169 (2005)Google Scholar
  17. [HLA02]
    Hopper, N.J., Langford, J., Ahn, L.: Provably secure steganography. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 77–92. Springer, Heidelberg (2002). doi: 10.1007/3-540-45708-9_6 CrossRefGoogle Scholar
  18. [KSW13]
    Katz, J., Sahai, A., Waters, B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. J. Cryptology 26(2), 191–224 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  19. [KTS07]
    Kapadia, A., Tsang, P.P., Smith, S.W.: Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2007, San Diego, California, USA, 28th February - 2nd March 2007 (2007)Google Scholar
  20. [MK11]
    Müller, S., Katzenbeisser, S.: Hiding the policy in cryptographic access control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 90–105. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29963-6_8 CrossRefGoogle Scholar
  21. [MS15]
    Mironov, I., Stephens-Davidowitz, N.: Cryptographic reverse firewalls. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 657–686. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_22 Google Scholar
  22. [PR07]
    Prabhakaran, M., Rosulek, M.: Rerandomizable RCCA encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 517–534. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74143-5_29 CrossRefGoogle Scholar
  23. [RZB12]
    Raykova, M., Zhao, H., Bellovin, S.M.: Privacy enhanced access control for outsourced data sharing. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 223–238. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32946-3_17 CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2016

Authors and Affiliations

  1. 1.Aarhus UniversityAarhusDenmark

Personalised recommendations