Oblivious transfer with access control

Camenisch, Jan; Dubovitskaya, Maria; Neven, Gregory

doi:10.1145/1653662.1653679

Cited by 101 publications

(120 citation statements)

References 37 publications

Supporting

Mentioning

120

Contrasting

Order By: Relevance

“…Camenisch et al [2] propose an ideal functionality F OTAC for oblivious transfer with access control (OTAC).…”

Section: Oblivious Transfer With Access Controlmentioning

confidence: 99%

“…As a concrete example, we show how to modify the OTAC protocol by Camenisch et al [2] so that it can handle multiple issuers. At setup, each of the issuers I run the protocol ISetup described in Figure 2 in [2] in order to compute a private key sk I = x I and a public key pk I = (g 1 , h 0 , h 1 , h 2 , u, v, w, g t , h t , y I ) to compute and verify signatures.…”

Section: Applications Of the New Ideal Functionality F R Iotacmentioning

confidence: 99%

“…Oblivious transfer with access control (OTAC) [2] allows the sender to control access to the messages. The sender receives as input (m 1 , P 1 , .…”

Section: Introductionmentioning

confidence: 99%

“…Sender privacy requires that the receiver does not learn any information on messages that were not requested or on messages whose access control policy is not fulfilled by the receiver's attributes. Additionally, in some schemes, the access control policies are hidden from the receivers [3], while in other schemes they are public [2,4]. We describe in detail the security definition for OTAC with public policies in Section 2.…”

Section: Introductionmentioning

confidence: 99%

“…In this paper, we show that the security definition for issuer-free OTAC in [5,6] poses a problem. In a nutshell, the security definition for OTAC with public policies proposed by Camenisch et al [2] allows the issuer to learn the receiver's identity and http://dx.doi.org/10.1016/j.ipl.2017.05.006 0020-0190/© 2017 Elsevier B.V. All rights reserved. the receiver's attributes in order to attest whether the receiver indeed possesses those attributes.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Issuer-free oblivious transfer with access control revisited

Rial

2017

Information Processing Letters

View full text Add to dashboard Cite

Oblivious transfer with access control (OTAC) is an extension of oblivious transfer where each message is associated with an access control policy. A receiver can obtain a message only if her attributes satisfy the access control policy for that message. In most schemes, the receiver's attributes are certified by an issuer. Recently, two Issuer-Free OTAC protocols have been proposed. We show that the security definition for Issuer-Free OTAC fulfilled by those schemes poses a problem. Namely, the sender is not able to attest whether a receiver possesses a claimed attribute. Because of this problem, in both Issuer-Free OTAC protocols, any malicious receiver can obtain any message from the sender, regardless of the access control policy associated with the message. To address this problem, we propose a new security definition for Issuer-Free OTAC. Our definition requires the receiver to prove in zero-knowledge to the sender that her attributes fulfill some predicates. Our definition is suitable for settings with multiple issuers because it allows the design of OTAC protocols where the receiver, when accessing a record, can hide the identity of the issuer that certified her attributes.

show abstract

“…Camenisch et al [2] propose an ideal functionality F OTAC for oblivious transfer with access control (OTAC).…”

Section: Oblivious Transfer With Access Controlmentioning

confidence: 99%

Section: Applications Of the New Ideal Functionality F R Iotacmentioning

confidence: 99%

“…Oblivious transfer with access control (OTAC) [2] allows the sender to control access to the messages. The sender receives as input (m 1 , P 1 , .…”

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Issuer-free oblivious transfer with access control revisited

Rial

2017

Information Processing Letters

View full text Add to dashboard Cite

show abstract

Oblivious transfer with hidden access control and outsourced decryption from deterministic finite automata‐based functional encryption for an in‐vehicle sensor database system

Wahaballa

Qin

Abdalla

et al. 2020

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Vehicle sensors are continuously observing the state of the vehicle, collecting and transmitting data from/to surrounding road users. The sensors data are then processed and stored in an in-vehicle sensor database in the form of records.These records can be accessed and shared by other vehicles or road side units with the aim to improve road safety. However, these records may contain a very sensitive information, such as vehicles' identifiers and location. This information requires extraordinary protection to ensure privacy and confidentiality of the vehicle users. In this article, we propose a secure oblivious transfer protocol with hidden access control and outsourced decryption from deterministic finite automata (DFA)-based functional encryption (HACOT-DFA). To reduce the computational costs for users with limited resources, we securely offload the heavy decryption overhead on the user side to an untrusted cloud server.Then, we experimentally compare our HACOT-DFA protocol against existing HACOT protocols in three different platform settings: the smartphone, the desktop personal computer, and the embedded device Raspberry Pi. The analyses demonstrate that the proposed HACOT-DFA protocol is more efficient and computationally stable than previous work. Our security proof holds in the standard model using a dual-system encryption approach.

show abstract

Universally composable issuer‐free adaptive oblivious transfer with access policy

Guleria

Dutta

2015

Security Comm Networks

View full text Add to dashboard Cite

In today's Internet world, security, privacy and efficiency are three prime concerns in designing any cryptographic protocol. Adaptive oblivious transfer with access policy (AOT-AP) is widely used in oblivious search of privacy preserving databases in which each message is associated with an access policy and only authorized receivers can access the databases. All the existing AOT-AP protocols assume a trusted third party called issuer apart from a sender and multiple receivers and are secure under the restriction that the issuer never colludes with a collection of receivers. We propose the first issuer-free AOT-AP in universal composable (UC) framework. Our issuer-free AOT-AP is UC secure under standard assumptions assuming malicious adversary in static corruption model. More interestingly, our scheme exhibits significant improvements over the existing schemes.

show abstract

Oblivious transfer with access control

Cited by 101 publications

References 37 publications

Issuer-free oblivious transfer with access control revisited

Issuer-free oblivious transfer with access control revisited

Oblivious transfer with hidden access control and outsourced decryption from deterministic finite automata‐based functional encryption for an in‐vehicle sensor database system

Universally composable issuer‐free adaptive oblivious transfer with access policy

Contact Info

Product

Resources

About