Cryptology ePrint Archive: Report 2011/255
Hiding the Policy in Cryptographic Access Control
Sascha Müller and Stefan Katzenbeisser
Abstract: Recently, cryptographic access control has received a lot of attention, mainly due to the availability of efficient \emph{Attribute-Based Encryption (ABE)} schemes. ABE allows to get rid of a trusted reference monitor by enforcing access rules in a cryptographic way. However, ABE has a privacy problem: The access policies are sent in clear along with the ciphertexts. Further generalizing the idea of policy-hiding in cryptographic access control, we introduce \emph{policy anonymity} where -- similar to the well-understood concept of $k$-anonymity -- the attacker can only see a large set of possible policies that might have been used to encrypt, but is not able to identify the one that was actually used. We show that using a concept from graph theory we can extend a known ABE construction to achieve the desired privacy property.
Category / Keywords: cryptographic protocols / access control, privacy, tree majors, abe, anonymity, hidden policies
Publication Info: This is the full version of the eponymous paper published at the 7th International Workshop on Security and Trust Management (STM '11)
Date: received 24 May 2011, last revised 24 May 2011
Contact author: mueller at seceng informatik tu-darmstadt de
Available format(s): PDF | BibTeX Citation
Version: 20110525:063141 (All versions of this report)
Short URL: ia.cr/2011/255
[ Cryptology ePrint archive ]