Skip to main content
SpringerLink
Log in

Revocable Policy-Based Chameleon Hash

  • Conference paper
  • First Online:
Computer Security – ESORICS 2021 (ESORICS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12972))

Included in the following conference series:

Abstract

Policy-based chameleon hash (PCH) is a cryptographic building block which finds increasing practical applications. Given a message and an access policy, for any chameleon hash generated by a PCH scheme, a chameleon trapdoor holder whose rewriting privileges satisfy the access policy can amend the underlying message without affecting the hash value. In practice, it is necessary to revoke the rewriting privileges of a trapdoor holder due to various reasons, such as change of positions, compromise of credentials, or malicious behaviours. In this paper, we introduce the notion of revocable PCH (RPCH) and formally define its security. We instantiate a concrete RPCH construction by putting forward a practical revocable attribute-based encryption (RABE) scheme which is adaptively secure under a standard assumption on prime-order pairing groups. As application examples, we show how to effectively integrate RPCH into mutable blockchain and sanitizable signature for revoking the rewriting privileges of any chameleon trapdoor holders. We implement our RPCH scheme and evaluate its performance to demonstrate its efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    In the rest of the paper, unless otherwise specified, RABE represents indirect RABE.

  2. 2.

    As explained above, previous RABE solutions are either selectively secure [15, 37,38,39,40,41] or adaptively secure under non-standard assumptions or composite-order groups [33]. Guillevic [22] reported that bilinear pairings are 254 times slower in composite-order than in prime-order groups for the same 128-bit security. Despite dual pairing vector space [30] can transfer composite-order groups to prime-order groups, it could be paramount for enormous encoding schemes [5].

  3. 3.

    In RABE, the decryption privilege is based on the decryption key, which is derived from the long-term secret key and public key-updating material.

  4. 4.

    To simplicity, the weak model, outsider collision-resistance [16] has not taken into consideration since ICR covers this weak model as in [34].

  5. 5.

    Outsourced decryption has also not taken into consideration due to a (semi-)trusted third party is needed and processes outsourced decryption.

References

  1. General data protection regulation. https://gdpr-info.eu/

  2. Agrawal, S., Chase, M.: FAME: fast attribute-based message encryption. In: CCS, pp. 665–682 (2017)

    Google Scholar 

  3. Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: ESORICS, vol. 3679, pp. 159–177 (2005)

    Google Scholar 

  4. Ateniese, G., Magri, B., Venturi, D., Andrade, E.R.: Redactable blockchain - or - rewriting history in bitcoin and friends. In: EuroS&P, pp. 111–126 (2017)

    Google Scholar 

  5. Attrapadung, N.: Dual system encryption framework in prime-order groups via computational pair encodings. In: ASIACRYPT, pp. 591–623 (2016)

    Google Scholar 

  6. Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: IMA, pp. 278–300 (2009)

    Google Scholar 

  7. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE S&P, pp. 321–334 (2007)

    Google Scholar 

  8. Bilzhause, A., Pöhls, H.C., Samelin, K.: Position paper: the past, present, and future of sanitizable and redactable signatures. In: ARES, pp. 87:1–87:9 (2017)

    Google Scholar 

  9. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: CCS, pp. 417–426 (2008)

    Google Scholar 

  10. Boneh, D., Boyen, X.: Efficient selective-id secure identity-based encryption without random oracles. In: EUROCRYPT, vol. 3027, pp. 223–238 (2004)

    Google Scholar 

  11. Boneh, D., Boyen, X., Goh, E.: Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT, vol. 3494, pp. 440–456 (2005)

    Google Scholar 

  12. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  13. Bultel, X., Lafourcade, P., Lai, R.W.F., Malavolta, G., Schröder, D., Thyagarajan, S.A.K.: Efficient invisible and unlinkable sanitizable signatures. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11442, pp. 159–189. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17253-4_6

    Chapter  Google Scholar 

  14. Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Chameleon-hashes with ephemeral trapdoors. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 152–182. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54388-7_6

    Chapter  Google Scholar 

  15. Cui, H., Deng, R.H., Li, Y., Qin, B.: Server-aided revocable attribute-based encryption. In: ESORICS, vol. 9879, pp. 570–587 (2016)

    Google Scholar 

  16. Derler, D., Samelin, K., Slamanig, D., Striecks, C.: Fine-grained and controlled rewriting in blockchains: Chameleon-hashing gone attribute-based. In: NDSS (2019)

    Google Scholar 

  17. Deuber, D., Magri, B., Thyagarajan, S.A.K.: Redactable blockchain in the permissionless setting. In: IEEE SP, pp. 124–138 (2019)

    Google Scholar 

  18. Fischlin, M., Harasser, P.: Invisible sanitizable signatures and public-key encryption are equivalent. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 202–220. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93387-0_11

    Chapter  MATH  Google Scholar 

  19. Fleischhacker, N., Krupp, J., Malavolta, G., Schneider, J., Schröder, D., Simkin, M.: Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 301–330. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_12

    Chapter  Google Scholar 

  20. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_34

    Chapter  Google Scholar 

  21. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: CCS, pp. 89–98 (2006)

    Google Scholar 

  22. Guillevic, A.: Comparing the pairing efficiency over composite-order and prime-order elliptic curves. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 357–372. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38980-1_22

    Chapter  Google Scholar 

  23. Kohno, T., Stubblefield, A., Rubin, A.D., Wallach, D.S.: Analysis of an electronic voting system. In: IEEE S&P, p. 27 (2004)

    Google Scholar 

  24. Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS (2000)

    Google Scholar 

  25. Lewko, A.B., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In: EUROCRYPT, vol. 6110, pp. 62–91 (2010)

    Google Scholar 

  26. Liu, J.K., Yuen, T.H., Zhang, P., Liang, K.: Time-based direct revocable ciphertext-policy attribute-based encryption with short revocation list. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 516–534. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93387-0_27

    Chapter  Google Scholar 

  27. Matzutt, R., et al.: A quantitative analysis of the impact of arbitrary blockchain content on bitcoin. In: Meiklejohn, S., Sako, K. (eds.) FC 2018. LNCS, vol. 10957, pp. 420–438. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-58387-6_23

    Chapter  Google Scholar 

  28. Matzutt, R., Hohlfeld, O., Henze, M., Rawiel, R., Ziegeldorf, J.H., Wehrle, K.: POSTER: i don’t want that content! on the risks of exploiting bitcoin’s blockchain as a content store. In: CCS, pp. 1769–1771 (2016)

    Google Scholar 

  29. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_3

    Chapter  Google Scholar 

  30. Okamoto, T., Takashima, K.: Fully secure unbounded inner-product and attribute-based encryption. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 349–366. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_22

    Chapter  Google Scholar 

  31. Qin, B., Zhao, Q., Zheng, D., Cui, H.: Server-aided revocable attribute-based encryption resilient to decryption key exposure. In: Capkun, S., Chow, S.S.M. (eds.) CANS 2017. LNCS, vol. 11261, pp. 504–514. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-02641-7_25

    Chapter  Google Scholar 

  32. Rouselakis, Y., Waters, B.: Practical constructions and new proof methods for large universe attribute-based encryption. In: CCS, pp. 463–474 (2013)

    Google Scholar 

  33. Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 199–217. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_13

    Chapter  Google Scholar 

  34. Samelin, K., Slamanig, D.: Policy-based sanitizable signatures. In: Jarecki, S. (ed.) CT-RSA 2020. LNCS, vol. 12006, pp. 538–563. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40186-3_23

    Chapter  Google Scholar 

  35. Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_14

    Chapter  Google Scholar 

  36. Tian, Y., Li, N., Li, Y., Szalachowski, P., Zhou, J.: Policy-based chameleon hash for blockchain rewriting with black-box accountability. In: ACSAC, pp. 813–828 (2020)

    Google Scholar 

  37. Xu, S., Yang, G., Mu, Y.: Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation. Inf. Sci. 479, 116–134 (2019)

    Article  MathSciNet  Google Scholar 

  38. Xu, S., Yang, G., Mu, Y., Deng, R.H.: Secure fine-grained access control and data sharing for dynamic groups in the cloud. IEEE Trans. Inf. Forensics Secur. 13(8), 2101–2113 (2018)

    Article  Google Scholar 

  39. Xu, S., Yang, G., Mu, Y., Liu, X.: A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance. Future Gener. Comput. Syst. 97, 284–294 (2019)

    Article  Google Scholar 

  40. Xu, S., Zhang, Y., Li, Y., Liu, X., Yang, G.: Generic construction of ElGama-type attribute-based encryption schemes with revocability and dual-policy. In: SecureComm, vol. 305, pp. 184–204 (2019)

    Google Scholar 

  41. Yang, Y., Liu, J.K., Liang, K., Choo, K.-K.R., Zhou, J.: Extended proxy-assisted approach: achieving revocable fine-grained encryption of cloud data. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 146–166. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24177-7_8

    Chapter  Google Scholar 

Download references

Acknowledgments

This work is supported in part by AXA Research Fund, the National Natural Science Foundation of China (Grant Nos. 62102090, 62032005, 61972094), the young talent promotion project of Fujian Science and Technology Association, and Science Foundation of Fujian Provincial Science and Technology Agency (2020J02016).

Author information

Authors and Affiliations

  1. College of Computer and Cyber Security, Fujian Normal University, Fuzhou, 350117, China

    Shengmin Xu, Jianting Ning & Jinhua Ma

  2. School of Computing and Information Systems, Singapore Management University, Singapore, 188065, Singapore

    Shengmin Xu, Jinhua Ma & Robert H. Deng

  3. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Jianting Ning

  4. School of Computer Science and Engineering, Nanyang Technological University, Singapore, 639798, Singapore

    Guowen Xu

  5. Computer and Information Science Department, University of Oregon, Eugene, OR, 97403, USA

    Jiaming Yuan

Authors
  1. Shengmin Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jianting Ning
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jinhua Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guowen Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jiaming Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Robert H. Deng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jianting Ning .

Editor information

Editors and Affiliations

  1. Purdue University, West Lafayette, IN, USA

    Elisa Bertino

  2. National Research Center for Applied Cybersecurity ATHENE, Fraunhofer Institute for Secure Information Technology SIT, Darmstadt, Germany

    Haya Shulman

  3. National Research Center for Applied Cybersecurity ATHENE , Technische Universität Darmstadt, Fraunhofer Institute for Secure Information Technology SIT, Darmstadt, Germany

    Michael Waidner

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Xu, S., Ning, J., Ma, J., Xu, G., Yuan, J., Deng, R.H. (2021). Revocable Policy-Based Chameleon Hash. In: Bertino, E., Shulman, H., Waidner, M. (eds) Computer Security – ESORICS 2021. ESORICS 2021. Lecture Notes in Computer Science(), vol 12972. Springer, Cham. https://doi.org/10.1007/978-3-030-88418-5_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-88418-5_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88417-8

  • Online ISBN: 978-3-030-88418-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation