The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

PRIVACY ENHANCED AUTOMATED TRUST NEGOTIATION

Download

Download PDF Document
PDF

Author

Jiangtao Li

Tech report number

CERIAS TR 2007-63

Entry type

phdthesis

Download

PDF

Key alpha

Li

School

Purdue University, CERIAS

Publication Date

2001-01-01

Contents

TABLE OF CONTENTS Page LIST OF TABLES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii LIST OF FIGURES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii ABBREVIATIONS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix ABSTRACT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 Cryptographic Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.1 Cryptographic Commitment Scheme . . . . . . . . . . . . . . . . . . . . 7 2.2 Homomorphic Encryption . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.3 Identity-Based Encryption . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.4 Hidden Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.5 Scrambled Circuit Evaluation . . . . . . . . . . . . . . . . . . . . . . . 11 3 OACerts: Oblivious Attribute Certificates . . . . . . . . . . . . . . . . . . . . 15 3.1 Architecture of OACerts . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.2 Applications of OACerts . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.3 Definition of OCBE . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.4 OCBE Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.4.1 EQ-OCBE: An OCBE Protocol For = Predicates . . . . . . . . . 28 3.4.2 GE-OCBE: An OCBE Protocol For ≥ Predicates . . . . . . . . . 31 3.4.3 OCBE Protocols for Other Predicates . . . . . . . . . . . . . . . 35 3.4.4 MOCBE: Multi-attribute OCBE . . . . . . . . . . . . . . . . . . 36 3.5 Implementation and Performance . . . . . . . . . . . . . . . . . . . . . 38 4 Policy-Hiding Access Control Using OACerts . . . . . . . . . . . . . . . . . . 40 4.1 Using OACerts and CIPPE for Policy-Hiding Access Control . . . . . . . 42 4.2 Definition of Certified Input Private Policy Evaluation . . . . . . . . . . . 44 4.3 Building Circuits That Have Uniform Topological Structure . . . . . . . . 48 4.4 A Committed-Integer Based Oblivious Transfer Protocol . . . . . . . . . 52 4.5 The CIPPE Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 5 A Privacy-Preserving Trust Negotiation Protocol . . . . . . . . . . . . . . . . 60 5.1 Our Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 5.2 Trust Negotiation: Review and Discussion . . . . . . . . . . . . . . . . . 61 5.3 Our Approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 5.3.1 Notation and Definitions . . . . . . . . . . . . . . . . . . . . . . 67 5.3.2 Problem Definition . . . . . . . . . . . . . . . . . . . . . . . . 67 5.3.3 Overview of Our Approach . . . . . . . . . . . . . . . . . . . . 69 5.3.4 Proof of RE Strategy . . . . . . . . . . . . . . . . . . . . . . . . 70 5.4 Protocol for Privacy-Preserving Trust Negotiation . . . . . . . . . . . . . 73 5.4.1 Building Blocks . . . . . . . . . . . . . . . . . . . . . . . . . . 73 5.4.2 Secure RE Strategy Protocol . . . . . . . . . . . . . . . . . . . . 74 5.4.3 Privacy-Preserving Trust Negotiation Protocol . . . . . . . . . . 77 5.5 Efficiency Improvements . . . . . . . . . . . . . . . . . . . . . . . . . . 78 5.5.1 A More Efficient Equality Test for Array Elements . . . . . . . . 78 5.5.2 Reducing the Number of Rounds . . . . . . . . . . . . . . . . . 80 5.6 Security Proofs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 5.6.1 Definition of Security . . . . . . . . . . . . . . . . . . . . . . . 80 5.6.2 Sketch of the Security Proof . . . . . . . . . . . . . . . . . . . . 81 6 A Trust Negotiation Framework for Cryptographic Credentials . . . . . . . . . 84 6.1 Overview of Cryptographic Credentials and Tools for ATN . . . . . . . . 85 6.2 The Language of Credentials and Policies . . . . . . . . . . . . . . . . . 88 6.3 The Extended Trust Target Graph Protocol . . . . . . . . . . . . . . . . 99 6.3.1 Nodes in a Trust-Target Graph . . . . . . . . . . . . . . . . . . . 100 6.3.2 Edges in a Trust-Target Graph . . . . . . . . . . . . . . . . . . . 101 6.3.3 State Propagation in TTG . . . . . . . . . . . . . . . . . . . . . 103 6.3.4 Messages in the Protocol . . . . . . . . . . . . . . . . . . . . . 106 6.3.5 Node Processing . . . . . . . . . . . . . . . . . . . . . . . . . . 107 6.3.6 Example of The ETTG Protocol . . . . . . . . . . . . . . . . . . 112 7 Related Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 7.1 Automated Trust Negotiation . . . . . . . . . . . . . . . . . . . . . . . 115 7.2 Cryptographic Approaches to Automated Trust Negotiation . . . . . . . . 116 7.3 Anonymous Credential Systems . . . . . . . . . . . . . . . . . . . . . . 116 7.4 Secure Function Evaluation . . . . . . . . . . . . . . . . . . . . . . . . 117 8 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 LIST OF REFERENCES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 VITA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Location

A hard-copy of this is in the CERIAS Library

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.