Cited By
View all- Hajiabadi MMahmoody MQi WSarfaraz S(2023)Lower Bounds on Assumptions Behind Registration-Based EncryptionTheory of Cryptography10.1007/978-3-031-48618-0_11(306-334)Online publication date: 29-Nov-2023
Transparent Registration-Based Encryption through Blockchain
Article No.: 3, Pages 1 - 14
Abstract
Garg et al. (TCC 2018) defined the notion of registration-based encryption (RBE) where the private key generator (PKG) is decoupled from key management and replaced by a key curator (KC). KC does not possess any cryptographic secrets and only plays the role of aggregating the public keys of all the registered users and updating the public parameters whenever a new user joins the system, which solves the key escrow issue. Notwithstanding, RBE still places a significant amount of trust in KC, whose actions are not accountable, e.g., it could secretly register multiple keys for already registered users. In this article, we propose a blockchain-based RBE framework, which provides total transparency and decentralization of KC by leveraging smart contracts. Our framework transfers the right of key management from KC to individual participants and keeps publicly upgradable parameters on-chain. We provide a basic construction that calculates the public parameter on-chain and an extended construction with better efficiency, which merely calculates the roots of trees on-chain. Our basic version is theoretically feasible, while the extended version is practically feasible. In particular, the enhanced scheme reduces computing complexity to a constant level. Our prototype implementation and evaluation results demonstrate that our extended construction is satisfactorily efficient.
References
[1]
Adi Shamir. 1984. Identity-based cryptosystems and signature schemes. In Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT). Springer, 47–53.
[2]
Dan Boneh and Xavier Boyen. 2004. Efficient selective-ID secure identity-based encryption without random oracles. In International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’04). Springer, 223–238.
[3]
Dan Boneh and Matt Franklin. 2001. Identity-based encryption from the Weil pairing. In Annual Theory of Cryptography Conference (CRYPTO’01), Joe Kilian (Ed.). Springer, 213–229.
[4]
Ran Canetti, Shai Halevi, and Jonathan Katz. 2003. A forward-secure public-key encryption scheme. In International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’03). Springer, 255–271.
[5]
Amit Sahai and Brent Waters. 2005. Fuzzy identity-based encryption. In International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’05), Ronald Cramer (Ed.). Springer, 457–473.
[6]
Sanjam Garg, Mohammad Hajiabadi, Mohammad Mahmoody, and Ahmadreza Rahimi. 2018. Registration-based encryption: Removing private-key generator from IBE. In Theory of Cryptography (TCC). Springer, 689–718.
[7]
Sanjam Garg, Mohammad Hajiabadi, Mohammad Mahmoody, Ahmadreza Rahimi, and Sruthi Sekar. 2019. Registration-based encryption from standard assumptions. In International Workshop on Public Key Cryptography (PKC). Springer, 63–93.
[8]
Satoshi Nakamoto. 2008. Bitcoin: A Peer-to-Peer Electronic Cash System. (2008). https://bitcoin.org/bitcoin. Retrieved on Oct 25, 2022.
[9]
Gavin Wood et al. 2014. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151, 2014 (2014), 1–32.
[10]
Stephanos Matsumoto and Raphael M. Reischuk. 2017. IKP: Turning a PKI around with decentralized automated incentives. In 2017 IEEE Symposium on Security and Privacy (S&P’17). IEEE, 410–426.
[11]
Ze Wang, Jingqiang Lin, Quanwei Cai, Qiongxiao Wang, Jiwu Jing, and Daren Zha. 2018. Blockchain-based certificate transparency and revocation transparency. In International Conference on Financial Cryptography and Data Security (FC’18). Springer, 144–162.
[12]
Joseph Bonneau. 2016. EthIKS: Using ethereum to audit a CONIKS key transparency log. In International Conference on Financial Cryptography and Data Security (FC’16). Springer, 95–105.
[13]
Chang-Hyun Roh and Im-Yeong Lee. 2018. A study on PGP (pretty good privacy) using blockchain. In Advances in Computer Science and Ubiquitous Computing (CSA-CUTE). Springer, 316–320.
[14]
Duane Wilson and Giuseppe Ateniese. 2015. From pretty good to great: Enhancing PGP using bitcoin and the blockchain. In International Conference on Network and System Security (NSS’15). Springer, 368–375.
[15]
Saman Taghavi Zargar, James Joshi, and David Tipper. 2013. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Communications Surveys & Tutorials (COMST) 15, 4 (2013), 2046–2069.
[16]
Nethanel Gelernter, Senia Kalma, Bar Magnezi, and Hen Porcilan. 2017. The password reset MitM attack. In 2017 IEEE Symposium on Security and Privacy (S&P’17). IEEE, 251–267.
[17]
Alysson Bessani, Joao Sousa, and Eduardo E. P. Alchieri. 2014. State machine replication for the masses with BFT-SMART. In 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’14). IEEE, 355–362.
[18]
Boaz Barak, Oded Goldreich, Rusell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. 2001. On the (im) possibility of obfuscating programs. In Annual International Cryptology Conference (CRYPTO’01). Springer, 1–18.
[19]
John Kelsey, Luís T. A. N. Brandão, Rene Peralta, and Harold Booth. 2019. A Reference for Randomness Beacons: Format and Protocol Version 2. Technical Report. National Institute of Standards and Technology.
[20]
Benedikt Bünz, Steven Goldfeder, and Joseph Bonneau. 2017. Proofs-of-delay and randomness beacons in ethereum. IEEE Security and Privacy on the Blockchain (S&B) (2017).
[21]
Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. 1998. Relations among notions of security for public-key encryption schemes. In Annual International Cryptology Conference (CRYPTO’98). Springer, 26–45.
[22]
Mark D. Ryan. 2014. Enhanced certificate transparency and end-to-end encrypted mail. In Network and Distributed System Security Symposium (NDSS’14).
[23]
Raymond Cheng, Fan Zhang, Jernej Kos, Warren He, Nicholas Hynes, Noah Johnson, Ari Juels, Andrew Miller, and Dawn Song. 2019. Ekiden: A platform for confidentiality-preserving, trustworthy, and performant smart contracts. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P’19). IEEE, 185–200.
[24]
Rishab Goyal and Satyanarayana Vusirikala. 2020. Verifiable registration-based encryption. In Annual International Cryptology Conference (CRYPTO’20). Springer, 621–651.
[25]
Bo Qin, Jikun Huang, Qin Wang, Xizhao Luo, Bin Liang, and Wenchang Shi. 2020. Cecoin: A decentralized PKI mitigating MitM attacks. Future Generation Computer Systems (FGCS) 107 (2020), 805–815.
[26]
Christos Patsonakis, Katerina Samari, Mema Roussopoulos, and Aggelos Kiayias. 2017. Towards a smart contract-based, decentralized, public-key infrastructure. In International Conference on Cryptology and Network Security (CANS’17). Springer, 299–321.
[27]
Murat Yasin Kubilay, Mehmet Sabir Kiraz, and Hacı Ali Mantar. 2019. CertLedger: A new PKI model with certificate transparency based on blockchain. Computers & Security 85 (2019), 333–352.
[28]
Ze Wang, Jingqiang Lin, Quanwei Cai, Qiongxiao Wang, Daren Zha, and Jiwu Jing. 2020. Blockchain-based certificate transparency and revocation transparency. IEEE Transactions on Dependable and Secure Computing (TDSC), 19 (2020), 681–697.
[29]
Arnaud Durand, Pascal Gremaud, and Jacques Pasquier. 2017. Decentralized web of trust and authentication for the internet of things. In Proceedings of the 7th International Conference on the Internet of Things. 1–2.
[30]
Muneeb Ali, Jude Nelson, Ryan Shea, and Michael J. Freedman. 2016. Blockstack: A global naming and storage system secured by blockchains. In 2016 USENIX Annual Technical Conference (USENIX ATC’16). 181–194.
[31]
Yuhao Dong, Woojung Kim, and Raouf Boutaba. 2018. Bitforest: A portable and efficient blockchain-based naming system. In 2018 14th International Conference on Network and Service Management (CNSM’18). IEEE, 226–232.
[32]
Shu Yun Lim, Pascal Tankam Fotsing, Abdullah Almasri, Omar Musa, Miss Laiha Mat Kiah, Tan Fong Ang, and Reza Ismail. 2018. Blockchain technology the identity management and authentication service disruptor: A survey. International Journal on Advanced Science, Engineering and Information Technology (IJASEIT) 8, 4-2 (2018), 1735–1745.
[33]
Paul Dunphy and Fabien A. P. Petitcolas. 2018. A first look at identity management schemes on the blockchain. IEEE Security & Privacy 16, 4 (2018), 20–29.
[34]
Yuan Liu, Zheng Zhao, Guibing Guo, Xingwei Wang, Zhenhua Tan, and Shuang Wang. 2017. An identity management system based on blockchain. In 2017 15th Annual Conference on Privacy, Security and Trust (PST’17). IEEE, 44–4409.
[35]
Qin Wang, Rujia Li, Qi Wang, and David Galindo. 2020. Poster: Transparent certificate revocation for CBE based on blockchain. Poster Session of 41st IEEE Symposium on Security and Privacy (S&P).
[36]
Ikram Ali, Mwitende Gervais, Emmanuel Ahene, and Fagen Li. 2019. A blockchain-based certificateless public key signature scheme for vehicle-to-infrastructure communication in VANETs. Journal of Systems Architecture 99 (2019), 101636.
[37]
Rujia Li, Qin Wang, Qi Wang, and David Galindo. 2022. How do smart contracts benefit security protocols?arXiv:2202.08699. https://arxiv.org/pdf/2202.08699.pdf.
[38]
Hoang-Long Nguyen, Claudia-Lavinia Ignat, and Olivier Perrin. 2018. Trusternity: Auditing transparent log server with blockchain. In Companion Proceedings of the The Web Conference (WWW’18). 79–80.
[39]
2022. Ethereum name service. Accessible at https://docs.ens.domains/.
Index Terms
- Transparent Registration-Based Encryption through Blockchain
Recommendations
Efficient Registration-Based Encryption
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityRegistration-based encryption (RBE) was recently introduced as an alternative to identity-based encryption (IBE), to resolve the key-escrow problem: In RBE, the trusted authority is substituted with a weaker entity, called the key curator, who has no ...
How to Apply Fujisaki-Okamoto Transformation to Registration-Based Encryption
Cryptology and Network SecurityAbstractRegistration-based encryption (RBE) is a solution for the key-escrow problem in identity-based encryption. Initial RBE schemes are too theoretical and inefficient, but recent advances make RBE schemes efficient enough to be incorporated into real-...
Public-Key encryption from ID-Based encryption without one-time signature
OTM'06: Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part IDesign a secure public key encryption scheme and its security proof are one of the main interests in cryptography In 2004, Canetti, Halevi and Katz [8] constructed a public key encryption (PKE) from a selective identity-based encryption scheme with a ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
March 2023
190 pages
EISSN:2769-6480
DOI:10.1145/3587886
- Editors:
- Kim-Kwang Raymond Choo,
- Mohammad Hammoudeh
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 14 March 2023
Online AM: 19 October 2022
Accepted: 23 September 2022
Revised: 10 June 2022
Received: 06 February 2022
Published in DLT Volume 2, Issue 1
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- Shenzhen fundamental research
- Guangdong Provincial Key Laboratory
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 486Total Downloads
- Downloads (Last 12 months)172
- Downloads (Last 6 weeks)25
Reflects downloads up to 14 Dec 2024
Other Metrics
Citations
Cited By
View all- Hajiabadi MMahmoody MQi WSarfaraz S(2023)Lower Bounds on Assumptions Behind Registration-Based EncryptionTheory of Cryptography10.1007/978-3-031-48618-0_11(306-334)Online publication date: 29-Nov-2023
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in