Download presentation
Presentation is loading. Please wait.
1
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Key-Policy Attribute-Based Encryption Present by Xiaokui Shu 09/08/2011
2
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 2 Application Scenario Basic KP-ABE Advanced Topics Related Work Secret-Sharing Scheme Fine-grained Access Control Identity-Based Encryption
3
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science How to share encrypted data? Alice decrypt data for Bob Alice give its key to Bob 3 Application Introduction Alice Bob
4
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 4 Application Introduction Alice Bob Dep: CS Group: Admin Dep: CS Group: Admin Eve Dep: ECE Group: Admin
5
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Log need to be encrypted Cannot be known to everyone Collaborative forensic analysis Someone need to known it “Someone” is not fixed Attributes User name Permitted time 5 Application: Audit Log
6
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Scenario A broadcaster broadcasts different items Each user is subscribed to a different “package” Broadcast Encryption Schemes Encrypting to an arbitrary subset of users Efficiency dependents on the size of users Attributes E.g. sports, news, financial 6 Application: Targeted Broadcast
7
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 7 Secret-Sharing Scheme ABE is not enough. Fine-grained access control needed.
8
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 8 Key-Policy Attribute-Based Encryption d admintimeCIAspec AliceBobPro. CS co- pro Ts == 2 OR
9
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science KP-ABE IBESSS Tree Secret-Sharing Scheme Fine-grained Access Control 9 All You Need to Know About KP-ABE
10
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Identity-based Encryption 10 SetupkExtract master-key Private Key Generator (PKG) Receiver Decrypt params Sender Encrypt M C M d ID ID Cite from http://courses.cs.vt.edu/cs6204/Privacy-Security/Presentations/Identity-Based-Encryption.pptx
11
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Key-Policy Attribute-Based Encryption :: IBE 11 SetupkKey Generation master- key Key Generator Receiv er Decrypt params Sender Encrypt M C M d s att A
12
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 12 Secret-Sharing Scheme Play with math.
13
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 13 Bilinear map
14
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Public parameters Encryption Decryption 14 Identity-Based Encryption Key to each attributeSecret Clue
15
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Public parameters Encryption Decryption 15 Identity-Based Encryption
16
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 16 Secret-Sharing Scheme
17
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 17 SSS Tree Secret of lower level is share of higher level
18
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 18 Secret-Sharing Scheme
19
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 19 Secret-Sharing Scheme Output: leaves’ Output: current node
20
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science AND, OR and Threshold n: number of children of a node k: number of shares to unlock a secret of a node AND: k == n OR: k == 1 Threshold: k > 1 && k < n Leaf: k == 1 20 Secret-Sharing Scheme
21
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 21 Secret-Sharing Scheme Sketch is done.
22
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Collusion 22 Advanced Topics: Security CS, admin ECE, dean CS, dean?
23
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Collusion resistance not set, but access tree 23 Advanced Topics: Security CSadmin ECEdean AND OR
24
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science From limited attributes to any arbitrary strings Unchanged: Setup, Encryption Modified: Key Generation, Decryption 24 Advanced Topics: Large Universe Construction
25
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 25 Advanced Topics: Delegation of Private Keys
26
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 26 Advanced Topics: Delegation of Private Keys
27
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Manipulations Adding a new trivial gate to T blue-green -> blue-red-green with 0-degree poly Manipulating an existing (t, n)-gate Converting a (t, n)-gate to a (t + 1, n)-gate Converting a (t, n)-gate to a (t + 1, n + 1)-gate Converting a (t, n)-gate to a (t, n-1)-gate Re-randomizing the obtained key New random poly “The given set of operations is complete” 27 Advanced Topics: Delegation of Private Keys
28
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science KP-ABE ciphertexts are associated with sets of attributes user secret keys are associated with policies CP-ABE user keys are associated with sets of attributes ciphertexts are associated with policies 28 Related Work: CP-ABE
29
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style 29 Secret-Sharing Scheme Thank you!
30
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Decisional Bilinear Diffie-Hellman Assumption 30 Advanced Topics: Security
31
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Manipulations details Adding a new trivial gate to T Converting a (t, n)-gate to a (t + 1, n)-gate Converting a (t, n)-gate to a (t + 1, n + 1)-gate Converting a (t, n)-gate to a (t, n-1)-gate 31 Advanced Topics: Delegation of Private Keys
Similar presentations
