Download
1 / 13
130 likes | 322 Views
Sonia Jahid, Prateek Mittal, Nikita Borisov University of Illinois at Urbana-Champaign Presented by Nikita Borisov ASIACCS 2011. EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation. Motivation. Encryption. Encrypt social network data
E N D
Sonia Jahid, Prateek Mittal, Nikita Borisov University of Illinois at Urbana-Champaign Presented by Nikita Borisov ASIACCS 2011 EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation
Encryption • Encrypt social network data • flyByNight [Lucas&Borisov’08] • NOYB [Guha et al.’09] • FaceCloak [Luo et al.’09] • Persona [Baden et al.’09] • Users directly control access • Grant access by distributing keys • Revoke access by…?
Revocation Existing Data Re-encrypt Our Contribution: Efficient revocation without rekeying or re-encryption, by using a minimally trusted proxy Alice Bob Carol Diana Expensive!
OR AND Colleague 1 Friend Neighbor System Architecture KeyGen Encrypt Setup Revoke /KeyProxy Decrypt Convert KeyProxy (Revoke Bob) PK, MK Alice Proxy CTcomponent Modified CTcomponent Carol Diana Bob friend, colleague colleague friend, neighbor
Algorithms - Basic Idea(cf. [Naor&Pinkas’00]) Point to Determine, P(0) SK SKr,r1 SKr,r2 SKr,r3 SKr,r4 Convert CT CT’
Security • Immediate revocation • As soon as proxy updated • Including past data • Minimally trusted proxy • Cannot decrypt data • Cannot “unrevoke” users even if compromised
Comparison • Conventional revocation • Rekey 500 friends: 5s • Decrypt 2000 items: 13s • Encrypt 2000 items: 36s • EASiER: 1.5s
Conclusion • We introduced an efficient revocation scheme for ABE • Useful in OSNs • Potential uses in other ABE deployments • Open problems • Forward security of proxy • Stronger security proofs Sonia Jahid Prateek Mittal
Questions? Sonia Jahid Prateek Mittal
