Aarhus Universitets segl

On Access Control Encryption Without Sanitization

Publikation: Bidrag til bog/antologi/rapport/proceedingKonferencebidrag i proceedingsForskningpeer review

Access Control Encryption (ACE) [4] allows to control information flow between parties by enforcing a policy that specifies which user can send messages to whom. The core of the scheme is a sanitizer, i.e., an entity that “sanitizes” all messages by essentially re-encrypting the ciphertexts under its key. In this work we investigate the natural question of whether it is still possible to achieve some meaningful security properties in scenarios when such a sanitization step is not possible. We answer positively by showing that it is possible to limit corrupted users to communicate only through insecure subliminal channels, under the necessary assumption that parties do not have pre-shared randomness. Moreover, we show that the bandwidth of such channels can be limited to be O (log (λ) ) by adding public ciphertext verifiability to the scheme under computational assumptions. In particular, we rely on a new security definition for obfuscation, Game Specific Obfuscation (GSO), which is a weaker definition than VBB, as it only requires the obfuscator to obfuscate programs in a specific family of programs, and limited to a fixed security game.

TitelSecurity and Cryptography for Networks. SCN 2022
RedaktørerClemente Galdi, Stanislaw Jarecki
Antal sider24
ISBN (trykt)978-3-031-14790-6
ISBN (Elektronisk)978-3-031-14791-3
StatusUdgivet - 2022
Begivenhed13th International Conference on Security and Cryptography for Networks, SCN 2022 - Amalfi, Italien
Varighed: 12 sep. 202214 sep. 2022


Konference13th International Conference on Security and Cryptography for Networks, SCN 2022
SerietitelLecture Notes in Computer Science

Se relationer på Aarhus Universitet Citationsformater

ID: 303742383