Predicate encryption systems. No query left unanswered

File:tesi V. Iovino.pdfDescription:tesi di dottoratoShow FileMIME type:application/pdfFile Size:0.9 Mb
tesi V. Iovino.pdf

Description:tesi di dottorato  presentazione tesi in PowerPointShow FileMIME type:application/pdfFile Size:387.9 Kb
tesi  presentazione in PowerPoint V. Iovino.pdf
Soggetto
Cryptography; EncryptionAbstract
Predicate encryption is an important cryptographic primitive (see [7, 14, 28]) that enables
finegrained control on the decryption keys. Let T be a class of binary predicates. Roughly speaking, in a predicate encryption scheme for the owner of the master secret key Msk can derive secret key Sk_P , for any predicate P in T. In encrypting a message M, the sender can specify an attribute x and the resulting ciphertext X can be decrypted only by using keys Sk_P such that P(x) = 1. Our main contribution is the first construction of a predicate encryption scheme that can be proved fully secure against unrestricted queries
by probabilistic polynomialtime adversaries under noninteractive constant sized (that is, independent of the length of the attribute vectors) hardness assumptions on bilinear
groups. Specifically, we consider Hidden Vector Encryption (HVE for short), a notable case
of predicate encryption introduced by Boneh and Waters [14]. In a HVE scheme, the
ciphertext attributes are vectors x of some fixed length l over some alphabet A, keys are
associated with vectors y of the same length l over the alphabet B that equals A enlarged with the special symbol '*', and we consider the Match(x,y) predicate which is true if and only if, for all i, when y_i is different from *, then x_i = y_i.
Previous constructions limited the proof of security to restricted adversaries that could
ask only nonmatching queries; that is, for challenge attribute vectors x_0 and x_1, the
adversary could ask only keys for vectors y such that Match(x_0, y) = Match(x_1, y) = 0.
Generally speaking, restricted adversaries can ask only queries that do not satisfy neither
of the challenge attributes. At time of writing, the construction of schemes secure against
unrestricted adversaries was an open problem, not just for HVE, but for any nontrivial
predicate encryption system and a candidate solution for HVE is presented in this thesis.
Beyond that, we will also discuss other kinds of predicate encryption systems, their security notions and applications. [edited by author]
Descrizione
2009  2010
Collections
Data
20110509Autore
Iovino, Vincenzo
Metadata
Mostra tutti i dati dell'itemAutori  Iovino, Vincenzo  
Data Realizzazione  20120110T09:48:24Z  
Date Disponibilità  20120110T09:48:24Z  
Data di Pubblicazione  20110509  
Identificatore (URI)  http://hdl.handle.net/10556/234  
Descrizione  2009  2010  en_US 
Abstract  Predicate encryption is an important cryptographic primitive (see [7, 14, 28]) that enables finegrained control on the decryption keys. Let T be a class of binary predicates. Roughly speaking, in a predicate encryption scheme for the owner of the master secret key Msk can derive secret key Sk_P , for any predicate P in T. In encrypting a message M, the sender can specify an attribute x and the resulting ciphertext X can be decrypted only by using keys Sk_P such that P(x) = 1. Our main contribution is the first construction of a predicate encryption scheme that can be proved fully secure against unrestricted queries by probabilistic polynomialtime adversaries under noninteractive constant sized (that is, independent of the length of the attribute vectors) hardness assumptions on bilinear groups. Specifically, we consider Hidden Vector Encryption (HVE for short), a notable case of predicate encryption introduced by Boneh and Waters [14]. In a HVE scheme, the ciphertext attributes are vectors x of some fixed length l over some alphabet A, keys are associated with vectors y of the same length l over the alphabet B that equals A enlarged with the special symbol '*', and we consider the Match(x,y) predicate which is true if and only if, for all i, when y_i is different from *, then x_i = y_i. Previous constructions limited the proof of security to restricted adversaries that could ask only nonmatching queries; that is, for challenge attribute vectors x_0 and x_1, the adversary could ask only keys for vectors y such that Match(x_0, y) = Match(x_1, y) = 0. Generally speaking, restricted adversaries can ask only queries that do not satisfy neither of the challenge attributes. At time of writing, the construction of schemes secure against unrestricted adversaries was an open problem, not just for HVE, but for any nontrivial predicate encryption system and a candidate solution for HVE is presented in this thesis. Beyond that, we will also discuss other kinds of predicate encryption systems, their security notions and applications. [edited by author]  en_US 
Lingua  en  en_US 
Editore  Universita degli studi di Salerno  en_US 
Soggetto  Cryptography  en_US 
Soggetto  Encryption  en_US 
Titolo  Predicate encryption systems. No query left unanswered  en_US 
Tipo  Doctoral Thesis  en_US 
MIUR  INF/01 INFORMATICA  en_US 
Coordinatore  Napoli, Margherita  en_US 
Ciclo  IX n.s.  en_US 
Tutor  Persiano, Giuseppe  en_US 
Dipartimento  Informatica  en_US 