EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation

Sonia Jahid, Prateek Mittal, Nikita Borisov
University of Illinois at Urbana-Champaign

Presented by Nikita Borisov
ASIACCS 2011


Motivation


Encryption

  • Encrypt social network data
      • flyByNight [Lucas&Borisov’08]
      • NOYB [Guha et al.’09]
      • FaceCloak [Luo et al.’09]
      • Persona [Baden et al.’09]
  • Users directly control access
      • Grant access by distributing keys
      • Revoke access by…?


Revocation


[Diagram labels: Alice; Bob, Carol, Diana; Existing Data; Re-encrypt; Expensive!]

Our Contribution: Efficient revocation without rekeying or re-encryption, by using a minimally trusted proxy


System Architecture


[Diagram labels: Alice (PK, MK); Bob, Carol, Diana; Proxy; KeyProxy (Revoke Bob); CT component; Modified CT component; policy tree labels: 1, AND, Colleague, Neighbor, OR, Friend; attribute sets: "friend, neighbor", "colleague", "friend, colleague"]

Setup, KeyGen, Encrypt, Revoke/KeyProxy, Convert, Decrypt


Algorithms - Basic Idea (cf. [Naor&Pinkas’00])


[Figure labels: SKr,r (four instances, numbered 1 to 4); CT; CT’; SK; Convert; Point to Determine, P(0)]


Security

  • Immediate revocation
      • As soon as proxy updated
      • Including past data
  • Minimally trusted proxy
      • Cannot decrypt data
      • Cannot “unrevoke” users even if compromised


Evaluation


[Bar chart: Encrypt, Decrypt, Keygen for CP-ABE, CP-ABE-MNT and EASiER]


Evaluation - Proxy Rekey


[Plot: Time to Rekey Proxy (second) vs. Users Revoked]


Comparison

  • Conventional revocation
      • Rekey 500 friends: 5s
      • Decrypt 2000 items: 13s
      • Encrypt 2000 items: 36s
  • EASiER: 1.5s


Evaluation - Conversion


[Plot: Conversion Time (second) vs. Leaf Nodes in Policy]


Conclusion

  • We introduced an efficient revocation scheme for ABE
      • Useful in OSNs
      • Potential uses in other ABE deployments
  • Open problems
      • Forward security of proxy
      • Stronger security proofs


Sonia Jahid

Prateek Mittal


Questions?
