Accountable Oblivious Transfer with Access Control

Jinguang Han*, Willy Susilo, Yi Mu, Man Ho Au, Jie Cao

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

8 Citations (Scopus)


To prevent illegal users accessing the database and protect users' privacy, oblivious transfer with access control (AC-OT) was proposed. In an AC-OT scheme, the database provider can encrypt the records and publish corresponding access control lists (ACLs). Prior to accessing the records, a user needs to obtain anonymous credentials from the issuer. Subsequently, an authorized user can obtain the intended records without the database provider knowing its choices. Although AC-OT schemes have shown a lot of merits, there are some practical issues: 1) one of the inherited problems in anonymous credentials is timely revocation and 2) how to prevent malicious users overusing the records. In this paper, we propose an accountable AC-OT scheme to address these issues. In our scheme, an authorized user can access the protected records without the database provider knowing his personal information and choices if: 1) he has obtained the required credentials listed in the ACLs and 2) the number of the access times for each record is no more than the specified bound. Notably, the database provider can trace and revoke the user who overused the records even in the lifetime of his credentials. To the best of our knowledge, it is the first AC-OT scheme where timely revocation and overuse detection are considered.

Original languageEnglish
Pages (from-to)2502-2514
JournalIEEE Transactions on Information Forensics and Security
Issue number12
Early online date05 Aug 2015
Publication statusPublished - 01 Dec 2015


  • Accountability
  • Oblivious Transfer
  • Privacy
  • Revocation
  • Security

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Accountable Oblivious Transfer with Access Control'. Together they form a unique fingerprint.

Cite this