Paper 2024/1031
SACfe: Secure Access Control in Functional Encryption with Unbounded Data
Abstract
Privacy is a major concern in large-scale digital applications, such as cloud computing, machine learning services, and access control. Users want to protect not only their plain data but also their associated attributes (e.g., age, location, etc.). Functional encryption (FE) is a cryptographic tool that allows fine-grained access control over encrypted data. However, existing FE schemes fall short as they are either inefficient and far from reality or they leak sensitive user-specific information. We propose SACfe, a novel attribute-based FE scheme that provides secure, fine-grained access control and hides both the user’s attributes and the function applied to the data, while preserving the data’s confidentiality. Moreover, it enables users to encrypt unbounded-length messages along with an arbitrary number of hidden attributes into ciphertexts. We design SACfe, a protocol for performing linear computation on encrypted data while enforcing access control based on inner product predicates. We show how SACfe can be used for online biometric authentication for privacy-preserving access control. As an additional contribution, we introduce an attribute-based linear FE for unbounded length of messages and functions where access control is realized by monotone span programs. We implement our protocols using the CiFEr cryptographic library and show its efficiency for practical settings.
Metadata
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. IEEE European Symposium on Security and Privacy (EuroS&P) 2024
- Keywords
- unbounded, functional encryption, full-hiding, access-control, biometric authentication
- Contact author(s)
- uddipana dowerah @ unisg ch
- subhranildutta @ iitkgp ac in
- frank hartmann @ unisg ch
- katerina mitrokotsa @ unisg ch
- csayantan mukherjee @ gmail com
- tapas pal @ kit edu
- History
- 2024-06-28: approved
- 2024-06-26: received
- Short URL
- https://ia.cr/2024/1031
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/1031,
      author = {Uddipana Dowerah and Subhranil Dutta and Frank Hartmann and Aikaterini Mitrokotsa and Sayantan Mukherjee and Tapas Pal},
      title = {{SACfe}: Secure Access Control in Functional Encryption with Unbounded Data},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1031},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1031}
}