Functional Encryption: Beyond Public Key Cryptography - PowerPoint PPT Presentation

About This Presentation
Title:

Functional Encryption: Beyond Public Key Cryptography

Description:

Setup: PK. MSK. Encrypt(PK ,M, f() ): KeyGen(MSK, Attrs.): 'CS255-TA' ... System Setup. 24. Key Generation. SK. t' ties components together. Personalization! 25 ... – PowerPoint PPT presentation

Number of Views:522
Avg rating:3.0/5.0
Slides: 37
Provided by: beth71
Category:

less

Transcript and Presenter's Notes

Title: Functional Encryption: Beyond Public Key Cryptography


1
Functional EncryptionBeyond Public Key
Cryptography
  • Brent Waters
  • SRI International

2
Protect Private Data
  • Payment Card Industry (PCI)
  • Health Care
  • Web Services

3
Access Control
?
4
Security Breaches
  • Intrusion
  • 45 Million Cards Stolen (Dec. 2006)
  • Physical Media Loss
  • 25 million U.K. citizens (Nov. 2007)

5
Access Control by Encryption
Idea Need secret key to access data e.g. PCI
Standards
6
Realistic Data Sharing
Problem Disconnect between policy and mechanism
?
  • Burden on provider

7
A Fundamental Gap
  • Online-Service
  • Complex
  • Several Keys
  • Key Lookup
  • Group Key Management

8
A New Vision
Functional Encryption
9
Functional Encryption A New Perspective
Public Parameters
Access Predicate f( )
If f(X)1
10
Why Functional Encryption?
Late Binding Access Control
e.g. Network Logs
11
Why Functional Encryption?
Late Binding Access Control
e.g. Network Logs
Src123.3.4.77 AND Date 12/5/07
  • Encrypt packet payload, tag with metadata
  • Distribute capabilities later

12
Why Functional Encryption?
Scalability and Robustness
Availability vs. Security
Personal Storage Devices
13
Why Functional Encryption?
Efficiency
Scales with policy complexity
vs.
14
Why Functional Encryption?
Receiver Privacy
?
AND
Salary gt 1M
ACLU
15
A New Vision for Encryption Systems
  • Retrospect Public vs. Secret Key Cryptography
  • Secure Internet Connections (Public Key Exchange)
  • Online Software Updates (Digital Signatures)
  • The next step forward

16
Functional Encryption for Formulas SW05
Line of Research SW05, GPSW06,PTMW06, BSW07,
BW07, OSW07,KSW08
?
?
MSK
?
PK
?
?
Key Authority
?
?
?
CS255-TA PhD
CS255-TA Undergrad
17
Functional Encryption for Formulas
Setup
KeyGen(MSK, Attrs.)
Encrypt(PK ,M, f() )
Decrypt(SK, CT)
18
A First Approach
Question Can we build functional encryption from
standard techniques?
Attempt Public Key Encryption Secret Sharing
19
Secret Sharing S78,B78,BL86
s
s
  • Use finite field e.g. Zp

A s
B r
C s-r
  • Ideas extend to more complex sharing

20
A First Approach
  • Combine S.S. and PKE

EA(R)
EB(M-R)
PKA
PKB
?
SKB
SKA
R
M-R
Collusion Attack!
M
21
Collusion Attacks The Key Threat
Need Key Personalization
Tension Functionality vs. Personalization
Kevin CS255-TA Undergrad
James PhD Graphics
22
Elliptic Curve Techniques
G multiplicative of prime order p. (Analogy
Zq)
Intuitive Hardness Discrete Log Given g, ga
Hard to get a
Bilinear map e G?G ? GT
e(ga, gb) e(g,g)ab ?a,b?Zp, g?G
High Level Single Multiplication Key for
satisfying functionality personalization
23
System Setup
24
Key Generation
Personalization!
t ties components together
25
Key Personalization (Intuition)
Kevin CS255-TA
Random t
James PhD
Components are incompatible (Formal security
proofs in papers)
Random t
26
Encryption
s
n leaf nodes y1, ... yn
f ( )
1s
2r
3s-r
CT
27
Making it work
CT
CS255-TA PhD
Message Randomization
Goal Compute and cancel to get M
28
Making it work
CT
SK
CS255-TA PhD
Message Randomization
Personalized Randomization
Use Bilinear Map for Decryption
New goal Personalized to user
29
Making it work
CS255-TA PhD
Personalized Randomization
  • Shares are personalized
  • (Use Bilinear-Map)
  • Linearly Combine

30
Security
Theorem System is (semantically) secure under
chosen key attack
Number Theoretic Assumption Bilinear
Diffie-Hellman Exponent BBG05
31
Impact
Line of Research SW05, GPSW06,PTMW06, BSW07,
BW07, OSW07,KSW08
Other Functional Encryption Work
ACDMS06,C07,CCKN07,CN07,SBCDP07, TBEM08
IBE S84,BF01,C01
32
Impact
cpabe-setup cpabe-keygen -o sarah_priv_key
pub_key master_key \ sysadmin it_dept
'office 1431' 'hire_date 2002'
  • Advanced Crypto Software Collection
  • Attribute-Based Messaging (UIUC)
  • Group Key Management CCKN07
  • Large Scale Content Distribution TBEM08
  • Future NIST Standardization

33
Beyond Access Control
Access Control All or nothing access
  • Bigger Idea Functions over encrypted data
  • Only learn functions output

Challenge Oblivious Evaluation
Only single keyword predicates SWP00, BDOP04,
BW06
34
Beyond Access Control
Complex Predicates over data KSW08
From bob_at_yahoo.com OR From alice_at_yahoo.com
Cant tell why matched!
Idea Inner Product Functionality (Multiplication
of Bilinear Map)
CT
Functionality Polynomial Equations
35
Medical Studies
Collect DNA medical information
Future Database of sequenced genome
AGTACCA...
Limit Privacy Loss
GeneTCF2 AT AND Prostate Cancer
36
Functional Encryption Summary
  • Tension Functionality vs. Personalization
  • SW05, GPSW06,PTMW06, BSW07, OSW07
  • Going Beyond Access Control BW06,BW07,KSW08
  • Fundamental Change Public Key Cryptography

37
Thank you
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Functional Encryption: Beyond Public Key Cryptography" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!