Key-Policy Attribute-Based Encryption

Transcription

1 Key-Policy Attribute-Based Encryption Present by Xiaokui Shu 09/08/2011

2 Identity-Based Encryption Basic KP-ABE Secret-Sharing Scheme Fine-grained Access Control Application Scenario Advanced Topics Related Work 2

3 Application Introduction How to share encrypted data? Alice decrypt data for Bob Alice give its key to Bob Bob Alice 3

4 Application Introduction Dep: CS Group: Admin Dep: CS Group: Admin Bob Alice Eve Dep: ECE Group: Admin 4

5 Application: Audit Log Log need to be encrypted Cannot be known to everyone Collaborative forensic analysis Someone need to known it Someone is not fixed Attributes User name Permitted time 5

6 Application: Targeted Broadcast Scenario A broadcaster broadcasts different items Each user is subscribed to a different package Broadcast Encryption Schemes Encrypting to an arbitrary subset of users Efficiency dependents on the size of users Attributes E.g. sports, news, financial 6

7 Secret-Sharing Scheme ABE is not enough. Fine-grained access control needed. 7

8 Key-Policy Attribute-Based Encryption Ts == 2 d admin time CIA spec Alice Bob Pro. OR OR CS copro 8

9 All You Need to Know About KP-ABE KP-ABE IBE SSS Tree Secret-Sharing Scheme Fine-grained Access Control 9

10 Cite from Extract Click to edit Master title style Identity-based Encryption Private Key Generator (PKG) master-key Setup k ID params ID Receiver d ID Decrypt C Encrypt M M Sender Fall, Privacy&Security 10 - Virginia Tech Computer Science

11 Key-Policy Attribute-Based Encryption :: IBE Key Generation masterkey Setup k A Key Generator att params s d Receiv er Decrypt C Encrypt att M M Sender Fall, Privacy&Security 11 - Virginia Tech Computer Science

12 Secret-Sharing Scheme Play with math. 12

13 Bilinear map 13

14 Public parameters Click to edit Master title style Identity-Based Encryption Encryption Decryption Key to each attribute Secret Clue 14

15 Public parameters Click to edit Master title style Identity-Based Encryption Encryption Decryption 15

16 Secret-Sharing Scheme 16

17 SSS Tree Secret of lower level is share of higher level 17

18 Secret-Sharing Scheme 18

19 Secret-Sharing Scheme Output: leaves Output: current node 19

20 Secret-Sharing Scheme AND, OR and Threshold n: number of children of a node k: number of shares to unlock a secret of a node AND: k == n OR: k == 1 Threshold: k > 1 && k < n Leaf: k == 1 20

21 Secret-Sharing Scheme Sketch is done. 21

22 Advanced Topics: Security Collusion CS, admin ECE, dean CS, dean? 22

23 Advanced Topics: Security Collusion resistance not set, but access tree OR AND AND ECE dean CS admin 23

24 Advanced Topics: Large Universe Construction From limited attributes to any arbitrary strings Unchanged: Setup, Encryption Modified: Key Generation, Decryption 24

25 Advanced Topics: Delegation of Private Keys 25

26 Advanced Topics: Delegation of Private Keys 26

27 Advanced Topics: Delegation of Private Keys Manipulations Adding a new trivial gate to T blue-green -> blue-red-green with 0-degree poly Manipulating an existing (t, n)-gate Converting a (t, n)-gate to a (t + 1, n)-gate Converting a (t, n)-gate to a (t + 1, n + 1)-gate Converting a (t, n)-gate to a (t, n-1)-gate Re-randomizing the obtained key New random poly The given set of operations is complete 27

28 Related Work: CP-ABE KP-ABE ciphertexts are associated with sets of attributes user secret keys are associated with policies CP-ABE user keys are associated with sets of attributes ciphertexts are associated with policies 28

29 Secret-Sharing Scheme Thank you! 29

30 Advanced Topics: Security Decisional Bilinear Diffie-Hellman Assumption 30

31 Advanced Topics: Delegation of Private Keys Manipulations details Adding a new trivial gate to T Converting a (t, n)-gate to a (t + 1, n)-gate Converting a (t, n)-gate to a (t + 1, n + 1)-gate Converting a (t, n)-gate to a (t, n-1)-gate 31