Cross-Domain Attribute-Based Access Control Encryption


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2021-12-09

AUTHORS

Mahdi Sedaghat, Bart Preneel

ABSTRACT

Logic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damgård et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users’ anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been proposed, but they have huge ciphertext and key sizes and/or rely on indistinguishability obfuscation. At IEEE S&P 2021, Wang and Chow proposed a Cross-Domain ACE scheme with constant-size ciphertext and arbitrary identity-based policy; the key generators are separated into two distinct parties, called Sender Authority and Receiver Authority. In this paper, we improve over their work with a novel construction that provides a more expressive access control policy based on attributes rather than on identities, the security of which relies on standard assumptions. Our generic construction combines Structure-Preserving Signatures, Non-Interactive Zero-Knowledge proofs, and Re-randomizable Ciphertext-Policy Attribute-Based Encryption schemes. Moreover, we propose an efficient scheme in which the sizes of ciphertexts and encryption and decryption keys are constant and thus independent of the number of receivers and their attributes. Our experiments demonstrate that not only is our system more flexible, but it also is more efficient and results in shorter decryption keys (reduced from about 100 to 47 bytes) and ciphertexts (reduced from about 1400 to 1047).

PAGES

3-23

Book

TITLE

Cryptology and Network Security

ISBN

978-3-030-92547-5
978-3-030-92548-2

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-92548-2_1

DOI

http://dx.doi.org/10.1007/978-3-030-92548-2_1

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1143720085



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sedaghat", 
        "givenName": "Mahdi", 
        "id": "sg:person.013230154026.15", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013230154026.15"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "imec-COSIC, KU Leuven, Leuven, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "imec-COSIC, KU Leuven, Leuven, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Preneel", 
        "givenName": "Bart", 
        "id": "sg:person.011115044357.39", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011115044357.39"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2021-12-09", 
    "datePublishedReg": "2021-12-09", 
    "description": "Abstract\nLogic access control enforces who can read and write data; the enforcement is typically performed by a fully trusted entity. At TCC 2016, Damg\u00e5rd et al. proposed Access Control Encryption (ACE) schemes where a predicate function decides whether or not users can read (decrypt) and write (encrypt) data, while the message secrecy and the users\u2019 anonymity are preserved against malicious parties. Subsequently, several ACE constructions with an arbitrary identity-based access policy have been proposed, but they have huge ciphertext and key sizes and/or rely on indistinguishability obfuscation. At IEEE S&P 2021, Wang and Chow proposed a Cross-Domain ACE scheme with constant-size ciphertext and arbitrary identity-based policy; the key generators are separated into two distinct parties, called Sender Authority and Receiver Authority. In this paper, we improve over their work with a novel construction that provides a more expressive access control policy based on attributes rather than on identities, the security of which relies on standard assumptions. Our generic construction combines Structure-Preserving Signatures, Non-Interactive Zero-Knowledge proofs, and Re-randomizable Ciphertext-Policy Attribute-Based Encryption schemes. Moreover, we propose an efficient scheme in which the sizes of ciphertexts and encryption and decryption keys are constant and thus independent of the number of receivers and their attributes. Our experiments demonstrate that not only is our system more flexible, but it also is more efficient and results in shorter decryption keys (reduced from about 100 to 47 bytes) and ciphertexts (reduced from about 1400 to 1047).", 
    "editor": [
      {
        "familyName": "Conti", 
        "givenName": "Mauro", 
        "type": "Person"
      }, 
      {
        "familyName": "Stevens", 
        "givenName": "Marc", 
        "type": "Person"
      }, 
      {
        "familyName": "Krenn", 
        "givenName": "Stephan", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-92548-2_1", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-030-92547-5", 
        "978-3-030-92548-2"
      ], 
      "name": "Cryptology and Network Security", 
      "type": "Book"
    }, 
    "keywords": [
      "decryption key", 
      "encryption scheme", 
      "access control encryption scheme", 
      "expressive access control policies", 
      "Ciphertext-Policy Attribute", 
      "access control policies", 
      "short decryption keys", 
      "Access Control Encryption", 
      "Non-Interactive Zero", 
      "size of ciphertext", 
      "constant-size ciphertexts", 
      "structure-preserving signatures", 
      "Damg\u00e5rd et al", 
      "user anonymity", 
      "knowledge proofs", 
      "malicious parties", 
      "message secrecy", 
      "key size", 
      "key generator", 
      "access policy", 
      "domain attributes", 
      "generic construction", 
      "ciphertext", 
      "indistinguishability obfuscation", 
      "predicate functions", 
      "efficient scheme", 
      "distinct parties", 
      "number of receivers", 
      "encryption", 
      "ACE scheme", 
      "anonymity", 
      "control policies", 
      "scheme", 
      "identity-based policies", 
      "attributes", 
      "novel construction", 
      "obfuscation", 
      "key", 
      "users", 
      "security", 
      "standard assumptions", 
      "secrecy", 
      "enforces", 
      "IEEE", 
      "parties", 
      "construction", 
      "data", 
      "entities", 
      "proof", 
      "system", 
      "work", 
      "enforcement", 
      "generator", 
      "receiver", 
      "experiments", 
      "policy", 
      "signatures", 
      "number", 
      "authorities", 
      "et al", 
      "assumption", 
      "Wang", 
      "results", 
      "size", 
      "function", 
      "zeros", 
      "identity", 
      "al", 
      "paper", 
      "chow"
    ], 
    "name": "Cross-Domain Attribute-Based Access Control Encryption", 
    "pagination": "3-23", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1143720085"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-92548-2_1"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-92548-2_1", 
      "https://app.dimensions.ai/details/publication/pub.1143720085"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-10-01T06:53", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221001/entities/gbq_results/chapter/chapter_172.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-92548-2_1"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92548-2_1'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92548-2_1'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92548-2_1'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-92548-2_1'


 

This table displays all metadata directly associated to this object as RDF triples.

146 TRIPLES      22 PREDICATES      94 URIs      87 LITERALS      7 BLANK NODES

 



