
Theory and Applications of Outsider Anonymity in Broadcast Encryption PDF

161 Pages·2015·2.39 MB·English

Preview Theory and Applications of Outsider Anonymity in Broadcast Encryption

THEORY AND APPLICATIONS OF OUTSIDER ANONYMITY IN BROADCAST ENCRYPTION

by IRIPPUGE DESHAN MILINDA PERERA

A dissertation submitted to the Graduate Faculty in Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy, The City University of New York

2015

© 2015 IRIPPUGE DESHAN MILINDA PERERA
All Rights Reserved

Abstract

Theory and Applications of Outsider Anonymity in Broadcast Encryption
by Irippuge Deshan Milinda Perera
Adviser: Dr. Nelly Fazio

Broadcast encryption (BE) allows efficient one-to-many secret communication of data over a broadcast channel. In the standard setting of BE, information about receivers is transmitted in the clear together with ciphertexts. This could be a serious violation of recipient privacy since the identities of the users authorized to access the secret content in certain broadcast scenarios are as sensitive as the content itself. Anonymous broadcast encryption (AnoBE) prevents this leakage of recipient identities from ciphertexts but at a cost of a linear lower bound (in the number of receivers) on the length of ciphertexts. A linear ciphertext length is a highly undesirable bottleneck in any large-scale broadcast application.

In this thesis, we propose a less stringent yet very meaningful notion of anonymity for broadcast encryption called outsider-anonymous broadcast encryption (oABE) that allows the creation of ciphertexts that are sublinear in the number of receivers. We construct several oABE schemes with varying security guarantees and levels of efficiency. We also present two very interesting cryptographic applications afforded by the efficiency of our oABE schemes. The first is broadcast steganography (BS), the extension of the state of the art setting of point-to-point steganography to the multi-recipient setting. The second is oblivious group storage (OGS), the introduction of fine-grained data access control policies to the setting of multi-client oblivious cloud storage protocols.
Acknowledgments

I express my deepest gratitude to Dr. Nelly Fazio for being such a wonderful Ph.D. adviser and friend. Without Nelly, this dissertation would never have been possible. She introduced me to the field of cryptography during the senior year of my undergraduate studies, and advised me to pursue a doctoral degree in computer science. For that I’m truly grateful. During my Ph.D. years, she also made sure that I’m financially fit to devote as much time as possible on doctoral research by providing me with continuous funding. I appreciate her inspiration, guidance, and encouragement that made my life as a graduate student both enjoyable and productive. Nelly, it has been a privilege and a great honor to be your first Ph.D. student!

I thank my supervisory committee, Dr. Rosario Gennaro, Dr. Antonio Nicolosi, and Dr. William E. Skeith III, for providing helpful suggestions and constructive criticisms. A special thanks goes to Rosario for organizing weekly reading groups that exposed my colleagues and me to cutting-edge research results in cryptography.

I express my appreciation to the Graduate Center of CUNY for awarding me the Enhanced Chancellor’s Fellowship to support my doctoral studies. I also thank Dr. Theodore Brown for admitting me to the doctoral program, and Dr. Robert Haralick for his academic advisement. Lots of thanks go to Lina Garcia and Dilvania Rodriguez for all their help with administrative matters.

Kudos to all my friends and family who helped me in a multitude of ways to reach this stage in my life. My heartfelt appreciation goes to my parents who have instilled within me a love for intellectual pursuits. I’m grateful to my father for sharing with me the stories of hardships he had to overcome during his childhood. Though I found them dull when I was a child, they later gave me a strong sense of perseverance, especially during the last five-year trek of Ph.D. studies.
No words are enough to convey my gratitude to my loving wife and best friend, QiQi. She is the best thing that ever happened (and continues to happen) in my life!

To QiQi ...

Contents

1 Introduction
    1.1 Organization of the Dissertation
2 Preliminaries
    2.1 Notations
    2.2 Diffie-Hellman Assumptions
        2.2.1 Computational Diffie-Hellman Assumption
        2.2.2 Decisional Diffie-Hellman Assumption
        2.2.3 Strong Twin Computational Diffie-Hellman Assumption
    2.3 Hashing Functions
        2.3.1 Entropy-Smoothing Hashing
        2.3.2 Strong 2-Universal Hashing
    2.4 Cryptographic Primitives
        2.4.1 Encapsulation Mechanism
        2.4.2 Strong Existentially Unforgeable One-Time Signature
        2.4.3 Anonymous (Hierarchical) Identity-Based Encryption
        2.4.4 Broadcast Encryption
        2.4.5 Steganography
        2.4.6 Multi-User Oblivious Random Access Machine
    2.5 Subset Cover Framework
        2.5.1 Complete Subtree Method
        2.5.2 Extension of the Subset Cover Framework to the Public-Key Setting
3 Outsider-Anonymous Broadcast Encryption
    3.1 Introduction
    3.2 Contributions
    3.3 Formal Model
        3.3.1 Setting of oABE
        3.3.2 Security of oABE
    3.4 Constructions
        3.4.1 A Generic oABE-IND-CPA-Secure Public-Key Construction
        3.4.2 A Generic oABE-IND-CCA-Secure Public-Key Construction
        3.4.3 An Enhanced oABE-IND-CCA-Secure Public-Key Construction in the Random Oracle Model
        3.4.4 An Enhanced oABE-CCA-Secure Public-Key Construction in the Standard Model
        3.4.5 An Enhanced oABE-IND-CCA-Secure Public-Key Construction with Shorter Ciphertexts
        3.4.6 An Enhanced oABE-IND-CCA-Secure Private-Key Construction
4 Broadcast Steganography
    4.1 Introduction
    4.2 Contributions
    4.3 Formal Model
        4.3.1 Setting of BS
        4.3.2 Security of BS
    4.4 Anonymity and Pseudorandomness in Broadcast Encryption
        4.4.1 Security of oABE$
        4.4.2 An oABE$-IND-CCA-Secure Construction
    4.5 Constructions
        4.5.1 A BS-IND-CHA-Secure Construction
        4.5.2 A BS-IND-CCA-Secure Construction
5 Oblivious Group Storage
    5.1 Introduction
    5.2 Contributions
    5.3 Formal Model
        5.3.1 Setting of OGS
        5.3.2 Security of OGS
    5.4 Construction
Bibliography

List of Tables

3.1 A comparison of (outsider-)anonymous broadcast encryption schemes
4.1 The parameters of our black-box broadcast steganography schemes
5.1 A comparison of different kinds of oblivious cloud storage protocols.

Description:
IRIPPUGE DESHAN MILINDA PERERA Adviser: Dr. Nelly Fazio .. The origins of cryptography are rooted almost exclusively in diplomatic, military,