Paper 2009/529

Oblivious Transfer with Access Control

Jan Camenisch, Maria Dubovitskaya, and Gregory Neven

Abstract

We present a protocol for anonymous access to a database where the different records have different access control permissions. These permissions could be attributes, roles, or rights that the user needs to have in order to access the record. Our protocol offers maximal security guarantees for both the database and the user, namely (1) only authorized users can access the record; (2) the database provider does not learn which record the user accesses; and (3) the database provider does not learn which attributes or roles the user has when she accesses the database. We prove our protocol secure in the standard model (i.e., without random oracles) under the bilinear Diffie-Hellman exponent and the strong Diffie-Hellman assumptions.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. To appear at ACM CCS 2009.
Keywords
oblivious transferanonymous credentials
Contact author(s)
nev @ zurich ibm com
History
2009-11-02: received
Short URL
https://ia.cr/2009/529
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/529,
      author = {Jan Camenisch and Maria Dubovitskaya and Gregory Neven},
      title = {Oblivious Transfer with Access Control},
      howpublished = {Cryptology ePrint Archive, Paper 2009/529},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/529}},
      url = {https://eprint.iacr.org/2009/529}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.