Related papers: Server-Aided Revocable Predicate Encryption: Forma…
Access control to data in traditional enterprises is typically enforced through reference monitors. However, as more and more enterprise data is outsourced, trusting third party storage servers is getting challenging. As a result,…
We introduce a credential verification protocol leveraging on Ciphertext-Policy Attribute-Based Encryption. The protocol supports anonymous proof of predicates and revocation through accumulators.
In identity-based encryption (IBE) systems, an efficient key delegation method to manage a large number of users and an efficient key revocation method to handle the dynamic credentials of users are needed. Revocable hierarchical IBE…
The concept of proxy re-encryption (PRE) dates back to the work of Blaze, Bleumer, and Strauss in 1998. PRE offers delegation of decryption rights, i.e., it securely enables the re-encryption of ciphertexts from one key to another, without…
Efficient and secure revocable attribute-based encryption (RABE) is vital for ensuring flexible and fine-grained access control and data sharing in cloud storage and outsourced data environments within the Internet of Things (IoT). However,…
Cloud storage is a new computing paradigm that allows users to store their data in the cloud and access them anytime anywhere through the Internet. To address the various security issues that may arise in the cloud storage accessed by a…
Proxy re-encryption (PRE) securely enables the re-encryption of ciphertexts from one key to another, without relying on trusted parties, i.e., it offers delegation of decryption rights. PRE allows a semi-trusted third party termed as a…
Cloud computing can provide a flexible way to effectively share data among multiple users since it can overcome the time and location constraints of computing resource usage. However, the users of cloud computing are still reluctant to…
Role-Based Access Control (RBAC) is a popular model which maps roles to access permissions for resources and then roles to the users to provide access control. Role-Based Encryption (RBE) is a cryptographic form of RBAC model that…
In this paper we present reclaimID: An architecture that allows users to reclaim their digital identities by securely sharing identity attributes without the need for a centralised service provider. We propose a design where user attributes…
Secure key leasing (a.k.a. key-revocable cryptography) enables us to lease a cryptographic key as a quantum state in such a way that the key can be later revoked in a verifiable manner. We propose a simple framework for constructing…
Quantum cryptography leverages many unique features of quantum information in order to construct cryptographic primitives that are oftentimes impossible classically. In this work, we build on the no-cloning principle of quantum mechanics…
A revocable-storage attribute-based encryption (RS-ABE) scheme is an encryption scheme which extends attribute-based encryption by intro- ducing user revocation. A key-policy RS-ABE scheme links each key to an access structure. We propose a…
Puncturable encryption (PE), proposed by Green and Miers at IEEE S&P 2015, is a kind of public key encryption that allows recipients to revoke individual messages by repeatedly updating decryption keys without communicating with senders. PE…
In this work, we consider the problem of secure key leasing, also known as revocable cryptography (Agarwal et. al. Eurocrypt' 23, Ananth et. al. TCC' 23), as a strengthened security notion of its predecessor put forward in Ananth et. al.…
Although TLS is used on a daily basis by many critical applications, the public-key infrastructure that it relies on still lacks an adequate revocation mechanism. An ideal revocation mechanism should be inexpensive, efficient, secure, and…
Searchable encryption (SE) is one of the key enablers for building encrypted databases. It allows a cloud server to search over encrypted data without decryption. Dynamic SE additionally includes data addition and deletion operations to…
We propose a novel quantum-resistant mutual authentication scheme for radio-frequency identification (RFID) systems. Our scheme uses lattice-based cryptography and, in particular, achieves quantum-resistance by leveraging the hardness of…
Anonymous authentication is a technique that allows to combine access control with privacy preservation. Typically, clients use different pseudonyms for each access, hindering providers from correlating their activities. To perform the…
In Identity-Based Encryption (IBE) systems, key revocation is non-trivial. This is because a user's identity is itself a public key. Moreover, the private key corresponding to the identity needs to be obtained from a trusted key authority…