Efficient oblivious transfers with access control

Oblivious transfer (OT) is a protocol where a receiver can obtain t-out-of-n services from the sender without releasing anything about his choices. OT can be used to protect user's privacy. In principle, any user can interact with a server to request some services. This might allow some undesirable users to obtain services from the server. How to ensure that only the authorized receivers can obtain services obliviously is a daunting task. In this paper, we introduce oblivious signature based-on envelope (OSBE) to OT and propose two novel OT schemes, which only allow the legitimate receivers to obtain services obliviously. The receiver is required to authenticate himself to the issuer to possess the required credential prior to access the protected services; while no authentication from the sender needs to be done. The sender knows the number of the services selected by the receiver, but does not know anything about his choices and personally identifiable information. The feature of our scheme also lies in avoiding zero knowledge proofs and achieving all-or-nothing non-transferable credentials. Our schemes are efficient in the cost of communication and computation.

[1]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[2]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[3]  Kazue Sako,et al.  k-Times Anonymous Authentication , 2009, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[4]  Hilarie K. Orman,et al.  Hidden Credentials , 2003, WPES '03.

[5]  Lan Nguyen Efficient Dynamic k-Times Anonymous Authentication , 2006, VIETCRYPT.

[6]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[7]  Kent E. Seamons,et al.  Concealing complex policies with hidden credentials , 2004, CCS '04.

[8]  Yi Mu,et al.  A Generic Construction of Dynamic Single Sign-on with Strong Security , 2010, SecureComm.

[9]  Abhilasha Bhargav-Spantzel,et al.  User centricity: a taxonomy and open issues , 2006, DIM '06.

[10]  Yi Mu,et al.  Three-Round Secret Handshakes Based on ElGamal and DSA , 2006, ISPEC.

[11]  Jan Camenisch,et al.  Oblivious Transfer with Hidden Access Control Policies , 2011, Public Key Cryptography.

[12]  Stefanos Gritzalis,et al.  Privacy Enhancing Technologies: A Review , 2003, EGOV.

[13]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[14]  Yuval Ishai,et al.  Priced Oblivious Transfer: How to Sell Digital Goods , 2001, EUROCRYPT.

[15]  Jan Camenisch,et al.  Oblivious transfer with access control , 2009, IACR Cryptol. ePrint Arch..

[16]  Kazue Sako,et al.  k-Times Anonymous Authentication with a Constant Proving Cost , 2006, Public Key Cryptography.

[17]  Christos Nikolaou,et al.  A New User-Centric Identity Management Infrastructure for Federated Systems , 2006, TrustBus.

[18]  Wen-Guey Tzeng,et al.  Efficient k-out-of-n Oblivious Transfer Schemes , 2005, J. Univers. Comput. Sci..

[19]  Jan Camenisch,et al.  Efficient Attributes for Anonymous Credentials , 2012, TSEC.

[20]  Moni Naor,et al.  Oblivious transfer and polynomial evaluation , 1999, STOC '99.

[21]  Moni Naor,et al.  Oblivious Transfer with Adaptive Queries , 1999, CRYPTO.

[22]  Alexandra Boldyreva,et al.  Efficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-Group signature scheme , 2002 .

[23]  Kaoru Kurosawa,et al.  Simple Adaptive Oblivious Transfer without Random Oracle , 2009, ASIACRYPT.

[24]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[25]  Ninghui Li,et al.  Oblivious signature-based envelope , 2003, PODC '03.

[26]  Gilles Brassard,et al.  Information theoretic reductions among disclosure problems , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[27]  Abhi Shelat,et al.  Simulatable Adaptive Oblivious Transfer , 2007, EUROCRYPT.

[28]  Amit Sahai,et al.  Pseudonym Systems , 1999, Selected Areas in Cryptography.

[29]  Rafail Ostrovsky,et al.  Conditional Oblivious Transfer and Timed-Release Encryption , 1999, EUROCRYPT.

[30]  K.E. Seamons,et al.  Automated trust negotiation , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[31]  Moni Naor,et al.  Computationally Secure Oblivious Transfer , 2004, Journal of Cryptology.

[32]  Audun Jøsang,et al.  A User-centric Federated Single Sign-on System , 2007, 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007).

[33]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[34]  Matthew Green,et al.  Controlling Access to an Oblivious Database Using Stateful Anonymous Credentials , 2009, Public Key Cryptography.

[35]  Michael Mitzenmacher,et al.  Privacy Preserving Keyword Searches on Remote Encrypted Data , 2005, ACNS.

[36]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[37]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[38]  Birgit Pfitzmann,et al.  Federated Identity Management , 2007, Security, Privacy, and Trust in Modern Data Management.

[39]  Mikhail J. Atallah,et al.  Attribute-Based Access Control with Hidden Policies and Hidden Credentials , 2006, IEEE Transactions on Computers.

[40]  Jan Camenisch,et al.  Unlinkable Priced Oblivious Transfer with Rechargeable Wallets , 2010, Financial Cryptography.

[41]  Yi Mu,et al.  Constant-Size Dynamic k-TAA , 2006, SCN.

[42]  David W. Chadwick,et al.  Federated Identity Management , 2009, FOSAD.