Paper 2017/467

Access Control Encryption for General Policies from Standard Assumptions

Sam Kim and David J. Wu

Abstract

Functional encryption enables fine-grained access to encrypted data. In many scenarios, however, it is important to control not only what users are allowed to read (as provided by traditional functional encryption), but also what users are allowed to send. Recently, Damgård et al. (TCC 2016) introduced a new cryptographic framework called access control encryption (ACE) for restricting information flow within a system in terms of both what users can read as well as what users can write. While a number of access control encryption schemes exist, they either rely on strong assumptions such as indistinguishability obfuscation or are restricted to simple families of access control policies. In this work, we give the first ACE scheme for arbitrary policies from standard assumptions. Our construction is generic and can be built from the combination of a digital signature scheme, a predicate encryption scheme, and a (single-key) functional encryption scheme that supports randomized functionalities. All of these primitives can be instantiated from standard assumptions in the plain model and therefore, we obtain the first ACE scheme capable of supporting general policies from standard assumptions. One possible instantiation of our construction relies upon standard number-theoretic assumptions (namely, the DDH and RSA assumptions) and standard lattice assumptions (namely, LWE). Finally, we conclude by introducing several extensions to the ACE framework to support dynamic and more fine-grained access control policies.

Metadata
Available format(s)
PDF
Publication info
A minor revision of an IACR publication in ASIACRYPT 2017
Keywords
access control encryption, functional encryption, information flow control
Contact author(s)
skim13 @ cs stanford edu
History
2017-09-06: revised
2017-05-28: received
Short URL
https://ia.cr/2017/467
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/467,
      author = {Sam Kim and David J. Wu},
      title = {Access Control Encryption for General Policies from Standard Assumptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/467},
      year = {2017},
      url = {https://eprint.iacr.org/2017/467}
}