论文信息 - Towards Efficient Over-Encryption in Outsourced Databases Using Secret Sharing

Towards Efficient Over-Encryption in Outsourced Databases Using Secret Sharing

Over-encryption is a technique for managing evolving access control requirements in outsourced databases. In over-encryption, a data owner and outsourcing server collectively encrypt resources in such a way that users' accesses can be effectively controlled without the need for shipping the resources back to the owner. One potential limitation of the original over-encryption scheme is that it requires publishing a large amount of tokens. In this paper, we present a new key-assignment approach based on secret sharing. We first give two different key derivation schemes, and then we combine them as one scheme. We analyze the amount of public tokens required by the original over-encryption scheme and our scheme, and we show that our scheme can provide the same over-encryption capability more efficiently.

Shuai Liu | Lingyu Wang | Wei Li

[1] Amos Beimel,et al. Secret Sharing with Public Reconstruction , 1998, IEEE Trans. Inf. Theory.

[2] Marina Blanton,et al. Dynamic and Efficient Key Management for Access Hierarchies , 2009, TSEC.

[3] Alberto Ceselli,et al. Modeling and assessing inference exposure in encrypted databases , 2005, TSEC.

[4] Jason Crampton,et al. On key assignment for hierarchical access control , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[5] Selim G. Akl,et al. Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[6] Dan Suciu,et al. Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[7] Adi Shamir,et al. How to share a secret , 1979, CACM.

[8] Amr M. Youssef,et al. Preventing Collusion Attacks on the One-Way Function Tree (OFT) Scheme , 2007, ACNS.

[9] Noga Alon,et al. Efficient Dynamic-Resharing "Verifiable Secret Sharing" Against Mobile Adversary , 1995, ESA.

[10] Gene Tsudik,et al. Tree-based group key agreement , 2004, TSEC.

[11] Philippe Béguin,et al. General Short Computational Secret Sharing Schemes , 1995, EUROCRYPT.

[12] Sushil Jajodia,et al. Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.