Hakan seyalioglu



Keywords: hakan seyalioglu
Description: Abstract: Motivated by the question of access control in cloud storage, we consider the problem using Attribute-Based Encryption (ABE) in a setting where users' credentials may change and

Abstract: Motivated by the question of access control in cloud storage, we consider the problem using Attribute-Based Encryption (ABE) in a setting where users' credentials may change and ciphertexts may be stored by a third party. We fi nd that a comprehensive solution to our problem must simultaneously allow for the revocation of ABE private keys as well as allow for the ability to update ciphertexts to reflect the most recent updates. Our main result is obtained by pairing two contributions:

- Revocable Storage. We ask how a third party can process a ciphertext to disqualify revoked users from accessing data that was encrypted in the past, while the user still had access. In applications, such storage may be with an untrusted entity and as such, we require that the ciphertext management operations can be done without access to any sensitive data (which rules out decryption and re-encryption). We defi ne the problem of revocable storage and provide a fully secure construction. Our core tool is a new procedure that we call ciphertext delegation. One can apply ciphertext delegation on a ciphertext encrypted under a certain access policy to `re-encrypt' it to a more restrictive policy using only public information. We provide a full analysis of the types of delegation possible in a number of existing ABE schemes.

- Protecting Newly Encrypted Data. We consider the problem of ensuring that newly encrypted data is not decryptable by a user's key if that user's access has been revoked. We give the fi rst method for obtaining this revocation property in a fully secure ABE scheme. We provide a new and simpler approach to this problem that has minimal modi cations to standard ABE. We identify and de fine a simple property called piecewise key generation which gives rise to efficient revocation. We build such solutions for Key-Policy and Ciphertext-Policy Attribute-Based Encryption by modifying an existing ABE scheme due to Lewko et al. to satisfy our piecewise property and prove security in the standard model.

It is the combination of our two results that gives an approach for revocation. A storage server can update stored ciphertexts to disqualify revoked users from accessing data that was encrypted before the user's access was revoked. This is the full version of the Crypto 2012 paper.






Photogallery Hakan seyalioglu:


Nancy Rodriguez - Google+


Nancy Rodriguez - Google+


Nancy Rodriguez - Google+


Nancy Rodriguez - Google+


Nancy Rodriguez - Google+


Nancy Rodriguez - Google+


Reducing Trust When Trust Is Essential [eScholarship]


Reducing Trust When Trust Is Essential [eScholarship]


Pierre Dagneau's Social Profiles, contact, images


Issue 3: SoCal Residents Not as Trusting as Rest of Nation ...


Issue 3: SoCal Residents Not as Trusting as Rest of Nation ...


On Trust and Being True: Toward a Genealogy of Morals [eScholarship]


On Trust and Being True: Toward a Genealogy of Morals [eScholarship]


Iterative methods for large-scale unconstrained optimization ...


Iterative methods for large-scale unconstrained optimization ...


Trust among Strangers [eScholarship]


Trust among Strangers [eScholarship]


SACRED TRUSTS: ESSAYS ON STEWARDSHIP AND RESPONSIBILITY [eScholarship]


SACRED TRUSTS: ESSAYS ON STEWARDSHIP AND RESPONSIBILITY [eScholarship]


Jeremy Commandeur - Videos - Google+


Jeremy Commandeur - Videos - Google+