Fuzzy Identity Based Encryption

Slides:



Advertisements
Similar presentations
Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
Advertisements

An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
Authors: Yanchao Zhang, Member, IEEE, Wei Liu, Wenjing Lou,Member, IEEE, and Yuguang Fang, Senior Member, IEEE Source: IEEE TRANSACTIONS ON DEPENDABLE.
CSC 774 Advanced Network Security
Online Security Tuesday April 8, 2003 Maxence Crossley.
Improving Privacy and Security in Multi- Authority Attribute-Based Encryption Advanced Information Security April 6, 2010 Presenter: Semin Kim.
Sec final project A Preposition Secret Sharing Scheme for Message Authentication in Broadcast Networks 王怡君.
Identity Based Encryption
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Secret Sharing Algorithms
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
Ciphertext-Policy, Attribute-Based Encryption Brent Waters SRI International John Bethencourt CMU Amit Sahai UCLA.
Introduction to Public Key Cryptography
Privacy Preserving Query Processing in Cloud Computing Wen Jie
Efficient and Robust Private Set Intersection and multiparty multivariate polynomials Dana Dachman-Soled 1, Tal Malkin 1, Mariana Raykova 1, Moti Yung.
Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.
James Higdon, Sameer Sherwani
1 Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data Vipul Goyal Omkant Pandey Amit Sahai Brent Waters UCLA SRI.
Threshold PKC Shafi Goldwasser and Ran Canetti. Public Key Encryption [DH] A PKC consists of 3 PPT algorithms (G,E,D) - G(1 k ) outputs public key e,
Computer Science CSC 774 Advanced Network Security Topic 2.6 ID Based Cryptography #2 Slides by An Liu.
Public Key Encryption with keyword Search Author: Dan Boneh Rafail Ostroversity Giovanni Di Crescenzo Giuseppe Persiano Presenter: 陳昱圻.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Key-Policy Attribute-Based Encryption Present by Xiaokui.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Great Theoretical Ideas in Computer Science.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Fuzzy Identity Based Encryption Brent Waters Current Research with Amit Sahai.
Attribute-Based Encryption
1/28 Chosen-Ciphertext Security from Identity- Based Encryption Jonathan Katz U. Maryland Ran Canetti, Shai Halevi IBM.
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,
Key Generation Protocol in IBC Author : Dhruti Sharma and Devesh Jinwala 論文報告 2015/12/24 董晏彰 1.
PKCS #5 v2.0: Password-Based Cryptography Standard
UW CSEP 590 Term paper Biometric Authentication Shankar Raghavan.
Cryptography By: Nick Belhumeur. Overview What is Cryptography? What is Cryptography? 2 types of cryptosystems 2 types of cryptosystems Example of Encryption.
Cryptographic Protocols Secret sharing, Threshold Security
Lightweight Mutual Authentication for IoT and Its Applications
Source: IEEE Signal Processing Letters (Accepted)2016
Coexistence Among Cryptography and Noisy Data Theory and Applications
Cryptography and Network Security
Identity Based Encryption
Boneh-Franklin Identity Based Encryption Scheme
BLIND AUTHENTICATION: A SECURE CRYPTO-BIOMETRIC VERIFICATION PROTOCOL
Advanced Protocols.
Some slides borrowed from Philippe Golle, Markus Jacobson
A Novel Group Key Transfer Protocol
Identity-based deniable authentication protocol
Secret Sharing (or, more accurately, “Secret Splitting”)
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
Cryptography Lecture 12.
Polynomials, Secret Sharing, And Error-Correcting Codes
Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data An, Sanghong KAIST
Cryptography Lecture 25.
Group Key Management Scheme for Simultaneous Multiple Groups with Overlapped Membership Andrew Moore 9/27/2011.
Polynomials, Secret Sharing, And Error-Correcting Codes
Digital Signatures…!.
Key Management Network Systems Security
Key Establishment Protocols ~
Install AD Certificate Services
Cryptography Lecture 5.
A Secret Enriched Visual Cryptography
Topic 13: Message Authentication Code
Key Distribution Reference: Pfleeger, Charles P., Security in Computing, 2nd Edition, Prentice Hall, /18/2019 Ref: Pfleeger96, Ch.4.
Cryptology Design Fundamentals
CSC 774 Advanced Network Security
Attribute-Based Encryption
Cryptography Lecture 12.
Cryptography Lecture 21.
Cryptographic Protocols Secret Sharing, Threshold Security
Cryptography Lecture 23.
Cryptology Design Fundamentals
Presentation transcript:

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Introduction Fuzzy Identity Based Encryption based on the paper of Amit Sahai and Brent Waters by: Guido Simon Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Content Motivation / Abstract Identity based encryption Fuzzyfying identities Fuzzy Identity based encryption Overview Preliminaries Shamir’s Secret Sharing Bilinear Maps Lagrange coefficient Key Generation Encryption / Decryption Encryption Decryption Explanation Extension of the scheme Security Security model Definitions Proof Conclusion Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Content Part 1: Motivation / Abstract Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.1 IBE Scheme Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.1 IBE Scheme No key exchange in advance Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.1 IBE Scheme No key exchange in advance Use the identity of recipient as key Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography IBE Scheme No key exchange in advance Use the identity of recipient as key Decrypt by fetching a key from PKG Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.1 IBE Scheme Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.1 IBE Scheme Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.2 Fuzzyfying Identitys Identities become sets of Attributes Example: IDenc={Student,ComputerScience,Crypto} Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.2 Fuzzyfying Identitys Identities become sets of Attributes Example: IDenc={Student,ComputerScience,Crypto} IDdec = {Student,Male,ComputerScience,Crypto,Graphics} Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.2 Fuzzyfying Identitys One can encrypt for some public identity ⍵ Decryption with an identity ⍵‘ ⧧ ⍵ possible If ⍵ and ⍵‘ are „close enough“ Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.2 Fuzzyfying Identitys One can encrypt for some public identity ⍵ Decryption with an identity ⍵‘ ⧧ ⍵ possible If ⍵ and ⍵‘ are „close enough“ So there must be error tolerance Error tolerance makes it suitable for biometrics Use biometric details as attributes Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.3 Fuzzy IBE Scheme Fuzzy Identity Based Encryption

Key Attribute Comparison Seminar biometrics and cryptography 1.3 Fuzzy IBE Scheme Key Attribute Comparison Fuzzy Identity Based Encryption

Key Attribute Comparison Seminar biometrics and cryptography 1.3 Fuzzy IBE Scheme Key Attribute Comparison Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 1.4 Overview A short overview: Biometric identities are PUBLIC, used for encryption But also I use my biometric for decryption – How that? As in IBE scheme above, the Server generates a private Key for me – to get it, i have to authenticate with my biometric identity. Because this ID is public, the scheme relies on a „well trained operator“ to detect imitations of identites. Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Content Part 2: Preliminaries Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 2.1 Bilinear Maps Definition from the paper: The first condition will be used in the further steps Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 2.2 Shamir‘s secret sharing Proposed by Shamir in 1979 Allows to share ONE secret among N paricipants Of which D many have to collude in order to decrypt Uses Lagrange polynomial interpolation HOW? The „dealer“ chooses a random polynomial p of degree D-1 The absolute part of p is the secret He computes N random points p(x) and distributes D of them are needed for interpolation Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 2.2 Shamir‘s secret sharing The „dealer“ chooses a random polynomial p of degree D-1 The absolute part of p is the secret He computes N random points p(x) and distributes D of them are needed for interpolation Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 2.3 Lagrange coefficient Fuzzy Identity Based Encryption

Key generation (Server-side) Seminar biometrics and cryptography Content Part 3: Key generation (Server-side) Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 3 Key generation Key Generation (Server side) Universe of identity-attributes must be defined To get a unique mapping, take the first Now a y is chosen randomly from Then the public parameters are: Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 3 Key generation To generate the key for ⍵ a polynomial q of degree d-1 is chosen randomly. Then the private key is: q(0) must be equal to y Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 3 Key generation To generate the key for ⍵ a polynomial q of degree d-1 is chosen randomly. Then the private key is: This is one key for each attribute D1 D2 D3 D4 D5 D6 Fuzzy Identity Based Encryption

Danger: Collusion attacks Message is encrypted for d>=4 Seminar biometrics and cryptography 3 Key generation Danger: Collusion attacks Message is encrypted for d>=4 Attributes used for ENC User 1 User 2 User 1 & User 2, d>=4 Fuzzy Identity Based Encryption

Danger: Collusion attacks Message is encrypted for d>=4 Seminar biometrics and cryptography 3 Key generation Danger: Collusion attacks Message is encrypted for d>=4 Attributes used for ENC User 1 User 2 User 1 & User 2, d>=4 To prevent collusion attacks, choose a different polynomial q for each identity Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Toy example Fuzzy Identity Based Encryption

Encryption / Decryption (client side) Seminar biometrics and cryptography Content Part 4: Encryption / Decryption (client side) Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.1 Encryption (small universe) Remember the public Key: Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.2 Decryption (client side) Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.2 Decryption (client side) Notation spy: E‘=MYs Ei=Tis i= Attr. index S=subset of ID q()=rnd. Poly. Di=priv. keys s random fixed y random fixed M message Δ: lagrange coeff. Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.3 Explanation Notation spy: E‘=MYs Ei=Tis i= Attr. index S=subset of ID q()=rnd. Poly. Di=priv. keys s random fixed y random fixed M message Δ: lagrange coeff. Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.3 Explanation Now the polynomial interpolation takes place in the exponent: Notation spy: E‘=MYs Ei=Tis i= Attr. index S=subset of ID q()=rnd. Poly. Di=priv. keys s random fixed y random fixed M message Δ: lagrange coeff. Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.4 Extension of the scheme In prior construction size of public parameters (Universe and t‘s) grow linearly with the number of attributes in the universe Modification of the scheme that uses all elements of as universe, and only grows in parameter n, which denotes the max. size Identity we can use Usefull side effect: One can use any string as attribute For that we only need a hash-function to map a string to the universe: The construction is similar to the construction before Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.4 Extension of the Scheme Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.4 Extension of the Scheme The private key consists of two sets Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.5 Encryption is chosen randomly Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 4.6 Decryption Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Content Part 5: Security Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 5.1 Definitions sdfsdfsd Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 5.2 Security Model sdfsdfsd Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 5.3 Proof Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography Content Part 6: Conclusion Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 6 Conclusion Public key encryption without prior key exchange Only users identity is needed Identities must be unique Identities consist of attributes – which may be arbitrary strings, but also biometrics are possible Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 6 Conclusion Public key encryption without prior key exchange Only users identity is needed Identities must be unique Identities consist of attributes – which may be arbitrary strings, but also biometrics are possible Relies on a PKG, which must be a fully trusted server Biometric authentication to obtain the private keys Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 6 Conclusion Public key encryption without prior key exchange Only users identity is needed Identities must be unique Identities consist of attributes – which may be arbitrary strings, but also biometrics are possible Relies on a PKG, which must be a fully trusted server Biometric authentication to obtain the private keys Relies on a well trained officer to detect imitations Theoretical security is proven Scheme could be broken by attacking the officer Fuzzy Identity Based Encryption

Fuzzy Identity Based Encryption Seminar biometrics and cryptography 2.1 Standard Identity based Encryption Fuzzy Identity Based Encryption

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.