EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation

Sonia Jahid, Prateek Mittal, Nikita Borisov

University of Illinois at Urbana-Champaign

Presented by Nikita BorisovASIACCS 2011

Motivation

2

Encryption

Encrypt social network data flyByNight [Lucas&Borisov’08] NOYB [Guha et al.’09] FaceCloak [Luo et al.’09] Persona [Baden et al.’09]

Users directly control access Grant access by distributing keys Revoke access by…?

3

Revocation

4

Alice

Bob Carol Diana

Existing Data

Expensive!

Our Contribution:Efficient revocation without rekeying or

re-encryption, by using a minimally trusted proxy

Re-encrypt

System Architecture

5

Bob Carol Diana

KeyProxy (Revoke Bob)

Proxy

Modified CTcomponent

CTcomponent

PK, MK

1 AND Colleague

Neighbor

OR

Friend

friend, neighbor

colleague friend,colleague

Alice

SetupKeyGenEncryptRevoke/KeyProxyConvertDecrypt

Algorithms - Basic Idea(cf. [Naor&Pinkas’00])

6

SKr,r

1

SKr,r

2

SKr,r

3

SKr,r

4

CT CT’

SK

Convert

Point to Determine, P(0)

Security

Immediate revocation As soon as proxy updated Including past data

Minimally trusted proxy Cannot decrypt data Cannot “unrevoke” users even if

compromised

7

Evaluation

8

Encrypt Decrypt Keygen0

1

2

3

4

5

6

7

8

9

CP-ABECP-ABE-MNTEASiER

Evaluation- Proxy Rekey

9

0 100 200 300 400 5000

0.20.40.60.8

11.21.4

Users Revoked

Tim

e t

o R

eke

y P

roxy

(seco

nd)

Comparison

Conventional revocation Rekey 500 friends: 5s Decrypt 2000 items: 13s Encrypt 2000 items: 36s

EASiER: 1.5s

10

Evaluation - Conversion

11

0 20 40 60 80 100

00.20.40.60.8

11.21.4

Leaf Nodes in Policy

Convers

ion T

Ime

(seco

nd)

Conclusion

We introduced an efficient revocation scheme for ABE Useful in OSNs

Potential uses in other ABE deployments

Open problems Forward security of

proxy

Stronger security proofs

12

Sonia Jahid

Prateek Mittal

Questions?

13

Sonia Jahid

Prateek Mittal