Paper 2022/854
On Access Control Encryption without Sanitization
, Technion – Israel Institute of Technology, Interdisciplinary Center Herzliya, Aarhus UniversityAbstract
Access Control Encryption (ACE) allows to control information flow between parties by enforcing a policy that specifies which user can send messages to whom. The core of the scheme is a sanitizer, i.e., an entity that ''sanitizes'' all messages by essentially re-encrypting the ciphertexts under its key. In this work we investigate the natural question of whether it is still possible to achieve some meaningful security properties in scenarios when such a sanitization step is not possible. We answer positively by showing that it is possible to limit corrupted users to communicate only through insecure subliminal channels, under the necessary assumption that parties do not have pre-shared randomness. Moreover, we show that the bandwidth of such channels can be limited to be O(log(n)) by adding public ciphertext verifiability to the scheme under computational assumptions. In particular, we rely on a new security definition for obfuscation, Game Specific Obfuscation (GSO), which is a weaker definition than VBB, as it only requires the obfuscator to obfuscate programs in a specific family of programs, and limited to a fixed security game.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. SCN 2022
- Keywords
- public key encryption access control subliminal channels predicate encryption obfuscation
- Contact author(s)
-
cecilia bo @ cs technion ac il
ivan @ cs au dk
orlandi @ cs au dk - History
- 2022-06-29: approved
- 2022-06-28: received
- See all versions
- Short URL
- https://ia.cr/2022/854
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/854,
author = {Cecilia Boschini and Ivan Damgård and Claudio Orlandi},
title = {On Access Control Encryption without Sanitization},
howpublished = {Cryptology {ePrint} Archive, Paper 2022/854},
year = {2022},
url = {https://eprint.iacr.org/2022/854}
}
