Access Control Encryption: Enforcing Information Flow with Cryptography

We initiate the study of Access Control Encryption ACE, a novel cryptographic primitive that allows fine-grained access control, by giving different rights to different users not only in terms of which messages they are allowed to receive, but also which messages they are allowed to send. Classical examples of security policies for information flow are the well known Bell-Lapadulai¾?[BL73] or Bibai¾?[Bib75] model: in a nutshell, the Bell-Lapadula model assigns roles to every user in the system e.g., public, secret and top-secret. A users' role specifies which messages the user is allowed to receive i.e., the no read-up rule, meaning that users with public clearance should not be able to read messages marked as secret or top-secret but also which messages the user is allowed to send i.e., the no write-down rule, meaning that a malicious user with top-secret clearance should not be able to write messages marked as secret or public. To the best of our knowledge, no existing cryptographic primitive allows for even this simple form of access control, since no existing cryptographic primitive enforces any restriction on what kind of messages one should be able to encrypt. Our contributions are:Introducing and formally defining access control encryption ACE;A construction of ACE with complexity linear in the number of the roles based on classic number theoretic assumptions DDH, Paillier;A construction of ACE with complexity polylogarithmic in the number of roles based on recent results on cryptographic obfuscation;

[1]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[2]  Manoj Prabhakaran,et al.  Rerandomizable RCCA Encryption , 2007, CRYPTO.

[3]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[4]  Ilya Mironov,et al.  Cryptographic Reverse Firewalls , 2015, EUROCRYPT.

[5]  Manuel Blum,et al.  Non-interactive zero-knowledge and its applications , 1988, STOC '88.

[6]  Manuel Blum,et al.  Non-Interactive Zero-Knowledge and Its Applications (Extended Abstract) , 1988, STOC 1988.

[7]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[8]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[9]  Birgit Pfitzmann,et al.  Intransitive non-interference for cryptographic purposes , 2003, 2003 Symposium on Security and Privacy, 2003..

[10]  Shai Halevi,et al.  Enforcing Confinement in Distributed Storage and a Cryptographic Model for Access Control , 2005, IACR Cryptol. ePrint Arch..

[11]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[12]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[13]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.

[14]  Georg Fuchsbauer,et al.  Policy Privacy in Cryptographic Access Control , 2015, 2015 IEEE 28th Computer Security Foundations Symposium.

[15]  L.,et al.  SECURE COMPUTER SYSTEMS : MATHEMATICAL FOUNDATIONS , 2022 .

[16]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[17]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[18]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[19]  Yevgeniy Dodis,et al.  Message Transmission with Reverse Firewalls - Secure Communication on Corrupted Machines , 2016, CRYPTO.

[20]  Birgit Pfitzmann,et al.  Computational probabilistic noninterference , 2004, International Journal of Information Security.

[21]  Control Encryption : Enforcing Information Flow with Cryptography ⋆ ⋆ ⋆ , 2021 .

[22]  John Langford,et al.  Provably Secure Steganography , 2002, IEEE Transactions on Computers.

[23]  Stefan Katzenbeisser,et al.  Hiding the Policy in Cryptographic Access Control , 2011, STM.

[24]  Mikhail J. Atallah,et al.  Attribute-Based Access Control with Hidden Policies and Hidden Credentials , 2006, IEEE Transactions on Computers.

[25]  Marc Fischlin,et al.  Sanitizable Signcryption: Sanitization over Encrypted Data (Full Version) , 2015, IACR Cryptol. ePrint Arch..

[26]  Sean W. Smith,et al.  Attribute-Based Publishing with Hidden Credentials and Hidden Policies , 2007, NDSS.

[27]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[28]  Steven M. Bellovin,et al.  Privacy Enhanced Access Control for Outsourced Data Sharing , 2012, Financial Cryptography.