New constructions of OSBE schemes and their applications in oblivious access control

Jinguang Han*, Willy Susilo, Yi Mu, Jun Yan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

2 Citations (Scopus)

Abstract

Oblivious signature-based envelope (OSBE) schemes have demonstrated their potential applications in the protection of users privacy and rights. In an OSBE protocol, an encrypted message can only be decrypted by the receiver who holds a valid signature on a public message, while the sender (encrypter) does not know whether the receiver has the signature or not. Our major contributions in this work lie in the following aspects. We improve the notion of OSBE so that a valid credential holder cannot share his/her credential with other users (i. e., all-or-nothing non-transferability). We clarify the relationship between one-round OSBE and identity-based encryption (IBE) and show that one-round OSBE and semantically secure IBE against the adaptively chosen identity attack (IND-ID-CPA) are equivalent, if the signature in the OSBE scheme is existentially unforgeable against adaptively chosen message attacks. We propose an oblivious access control scheme to protect user privacy without the aid of any zero-knowledge proof. Finally, we also highlight some other novel applications of OSBE, such as attributed-based encryption.

Original languageEnglish
Pages (from-to)389-401
JournalInternational Journal of Information Security
Volume11
Issue number6
Early online date26 Aug 2012
DOIs
Publication statusPublished - 01 Nov 2012
Externally publishedYes

Keywords

  • Access control
  • Oblivious signature-based envelope
  • Oblivious transfer

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'New constructions of OSBE schemes and their applications in oblivious access control'. Together they form a unique fingerprint.

Cite this