Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Key-Policy Attribute-Based Encryption Present by Xiaokui Shu 09/08/2011

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 2 Application Scenario Basic KP-ABE Advanced Topics Related Work Secret-Sharing Scheme Fine-grained Access Control Identity-Based Encryption

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  How to share encrypted data?  Alice decrypt data for Bob  Alice give its key to Bob 3 Application Introduction Alice Bob

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 4 Application Introduction Alice Bob Dep: CS Group: Admin Dep: CS Group: Admin Eve Dep: ECE Group: Admin

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Log need to be encrypted  Cannot be known to everyone  Collaborative forensic analysis  Someone need to known it  “Someone” is not fixed  Attributes  User name  Permitted time 5 Application: Audit Log

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Scenario  A broadcaster broadcasts different items  Each user is subscribed to a different “package”  Broadcast Encryption Schemes  Encrypting to an arbitrary subset of users  Efficiency dependents on the size of users  Attributes  E.g. sports, news, financial 6 Application: Targeted Broadcast

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 7 Secret-Sharing Scheme ABE is not enough. Fine-grained access control needed.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 8 Key-Policy Attribute-Based Encryption d admintimeCIAspec AliceBobPro. CS co- pro Ts == 2 OR

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science KP-ABE IBESSS Tree Secret-Sharing Scheme Fine-grained Access Control 9 All You Need to Know About KP-ABE

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science Identity-based Encryption 10 SetupkExtract master-key Private Key Generator (PKG) Receiver Decrypt params Sender Encrypt M C M d ID ID Cite from

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science Key-Policy Attribute-Based Encryption :: IBE 11 SetupkKey Generation master- key Key Generator Receiv er Decrypt params Sender Encrypt M C M d s att A

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 12 Secret-Sharing Scheme Play with math.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 13 Bilinear map

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Public parameters  Encryption  Decryption 14 Identity-Based Encryption Key to each attributeSecret Clue

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Public parameters  Encryption  Decryption 15 Identity-Based Encryption

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 16 Secret-Sharing Scheme

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 17 SSS Tree Secret of lower level is share of higher level

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 18 Secret-Sharing Scheme

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 19 Secret-Sharing Scheme Output: leaves’ Output: current node

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  AND, OR and Threshold  n: number of children of a node  k: number of shares to unlock a secret of a node  AND: k == n  OR: k == 1  Threshold: k > 1 && k < n  Leaf: k == 1 20 Secret-Sharing Scheme

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 21 Secret-Sharing Scheme Sketch is done.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Collusion 22 Advanced Topics: Security CS, admin ECE, dean CS, dean?

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Collusion resistance  not set, but access tree 23 Advanced Topics: Security CSadmin ECEdean AND OR

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  From limited attributes to any arbitrary strings  Unchanged: Setup, Encryption  Modified: Key Generation, Decryption 24 Advanced Topics: Large Universe Construction

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 25 Advanced Topics: Delegation of Private Keys

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science 26 Advanced Topics: Delegation of Private Keys

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Manipulations  Adding a new trivial gate to T blue-green -> blue-red-green with 0-degree poly  Manipulating an existing (t, n)-gate Converting a (t, n)-gate to a (t + 1, n)-gate Converting a (t, n)-gate to a (t + 1, n + 1)-gate Converting a (t, n)-gate to a (t, n-1)-gate  Re-randomizing the obtained key New random poly  “The given set of operations is complete” 27 Advanced Topics: Delegation of Private Keys

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  KP-ABE  ciphertexts are associated with sets of attributes  user secret keys are associated with policies  CP-ABE  user keys are associated with sets of attributes  ciphertexts are associated with policies 28 Related Work: CP-ABE

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 29 Secret-Sharing Scheme Thank you!

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Decisional Bilinear Diffie-Hellman Assumption 30 Advanced Topics: Security

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, Privacy&Security - Virginia Tech – Computer Science  Manipulations details  Adding a new trivial gate to T  Converting a (t, n)-gate to a (t + 1, n)-gate  Converting a (t, n)-gate to a (t + 1, n + 1)-gate  Converting a (t, n)-gate to a (t, n-1)-gate 31 Advanced Topics: Delegation of Private Keys