Conjunctive, Subset, and Range Queries on Encrypted Data - PowerPoint PPT Presentation

1 / 56
About This Presentation
Title:

Conjunctive, Subset, and Range Queries on Encrypted Data

Description:

Hidden Vector Encryption (HVE) Extreme example, Anonymous Identity Based ... Get public key PK and secret ket SK. 42. Application of HVE(4/15) Encrypt(PK,S,M) ... – PowerPoint PPT presentation

Number of Views:183
Avg rating:3.0/5.0
Slides: 57
Provided by: ailabCs
Category:

less

Transcript and Presenter's Notes

Title: Conjunctive, Subset, and Range Queries on Encrypted Data


1
Conjunctive, Subset, and Range Queries on
Encrypted Data
Dan Boneh and Brent Waters
Lecture Notes in Computer Science, 2007
  • Presenter ???

2
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

3
Introduction(1/3)
Visa Credit card payment Gateway
More Secure Processing
Yes
Encrypted Transaction
Encrypted Transaction
Encrypted Transaction
Normally Secure Processing
Predicate P value over 1000
No
Visas Public Key
Given by Visa
4
Introduction(2/3)
inbox
Mail Server
Satisfy P
Recipients pager
P
P
Discard
Satisfy P
Recipients Public key
Given by Recipient
5
Introduction(3/3)
  • Hidden Vector Encryption (HVE)
  • Extreme example, Anonymous Identity Based
    Encryption (AnonIBE)
  • Query type
  • Equality query
  • Comparison query
  • Subset query

6
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

7
Definition(1/4)
  • S finite set of binary strings
  • Predicate P over S is a function
  • P S ?0,1
  • S?S if P(S)1

8
Definition(2/4)
  • F set of predicates over S
  • F-searchable public key system
  • Setup(?)
  • Input security parameter ?
  • Output public key PK and secret key SK
  • Encrypt(PK,S,M)
  • Public key PK
  • S?S as the searchable field, called an index
  • M as the data

9
Definition(3/4)
  • F-searchable public key system
  • GenToken(SK,ltPgt)
  • Input secret key SK and a predicate P?F
  • Output a token TK
  • Query(TK,C)
  • Input token TK for some predicate P and a
    ciphertext C that is an encryption of (S,M)
  • Output M or ?

10
Definition(4/4)
  • Correctness
  • Query correctness

11
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

12
Brute Force Construction(1/9)
  • S finite set of binary strings
  • Build a F-searchable public key system eTR
  • e(Setup, Encrypt, Decrypt) be a public key
    system
  • FP1,P2,,Pt

13
Brute Force Construction(2/9)
  • Setup(?)
  • Run Setup(?) t times
  • PK?(PK1,,PKt)
  • SK?(SK1,,SKt)
  • Output (PK, SK)

14
Brute Force Construction(3/9)
  • Encrypt(PK,S,M)
  • For i 1,,t define
  • Output C?(C1,,Ct)

15
Brute Force Construction(4/9)
  • GenToken(SK,ltPgt)
  • ltPgt is the description of predicate F
  • The index i of Pi in F
  • Output TK?(i,SKi)

16
Brute Force Construction(5/9)
  • Query(TK,C)
  • C(C1,,Ct)
  • TK(i,SKi)
  • Output Decrypt(SKi,Ci)

17
Brute Force Construction(6/9)
  • Example for single query
  • S1,2,3,4,5
  • FP1,P2,P3
  • Setup(?)
  • Run 3 times Setup(?)
  • PK?(PK1,PK2,PK3)
  • SK?(SK1,SK2,SK3)

18
Brute Force Construction(7/9)
  • Encrypt(PK,4,M)
  • C1?Encrypt(PK1,?)
  • C2?Encrypt(PK2,?)
  • C3?Encrypt(PK3,M)
  • C?(C1,C2,C3)

19
Brute Force Construction(8/9)

20
Brute Force Construction(9/9)
  • Example for conjunctive comparison predicates
  • S1,,nw1,2,3,4,54
  • n is the maximum value for each cell
  • w is the number of the cells
  • Fn,w be a set of predicates, Fn,wnw54

21
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

22
Pairings and complexity assumption(1/5)
  • p, q are two big primes. n pq
  • G bilinear group, order n
  • Gp cyclic group, order p
  • Gq cyclic group, order q
  • GT cyclic group
  • eG2?GT satisfied as follows
  • Biliner ?u, v?G, e(ua,vb)e(u,v)ab
  • Non-degenerate ?g s.t. e(g,g) has order n in GT

23
Pairings and complexity assumption(2/5)
  • The composite Bilinear Diffie-Hellman assumption
    (cBDH)

24
Pairings and complexity assumption(3/5)
  • The advantage of cBDH

25
Pairings and complexity assumption(4/5)
  • The composite 3-party Diffie-Hellman assumption
    (c3DH)

26
Pairings and complexity assumption(5/5)
  • The advantage of c3DH

27
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

28
Hidden Vector Encryption(1/10)
GenTokenHVE
Conjunctive General Predicate
Predicate Vector
Token
QueryHVE
SK
Data / ?
Multi-cell Practical Value
Practical Vector
Ciphertext
PK
EncryptHVE
Data
29
Hidden Vector Encryption(2/10)
  • S finite set
  • special symbol, plays the role of a wildcard
    or dont care.
  • S S?

30
Hidden Vector Encryption(3/10)

31
Hidden Vector Encryption(4/10)

32
Hidden Vector Encryption(5/10)
  • Particular HVE construction
  • SZm for some integer m
  • S Zm?

33
Hidden Vector Encryption(6/10)
  • SetupHVE(?)
  • Choose random primes p,q gt m
  • Create a bilinear group G of order n
  • Picks random elements

34
Hidden Vector Encryption(7/10)

35
Hidden Vector Encryption(8/10)
  • EncryptHVE(PK,I,M)

36
Hidden Vector Encryption(9/10)
  • GenTokenHVE(SK,I)
  • S be a set of all index i s.t. Ii ?
  • Choose random
  • Generate a token for the predicate

37
Hidden Vector Encryption(10/10)
  • QueryHVE(TK,C)
  • First, compte
  • If M is not in data space, output ?. Otherwise,
    output M.

38
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

39
Application of HVE(1/15)
GenTokenHVE
Conjunctive General Predicate
Predicate Vector
Token
QueryHVE
SK
Data / ?
Multi-cell Practical Value
Practical Vector
Ciphertext
PK
EncryptHVE
Data
40
Application of HVE(2/15)
  • Example for conjunctive comparison queries
  • S010,1Z2
  • S010,1,Z2?
  • Take n3, w4, then lnw12, m2
  • Secure HVE over S0112
  • (SetupHVE, EncryptHVE, GenTokenHVE, QueryHVE)
  • Construct a Fn,w-searchable system as follows

41
Application of HVE(3/15)
  • Setup(?)
  • Run SetupHVE(?)
  • Get public key PK and secret ket SK.

42
Application of HVE(4/15)
  • Encrypt(PK,S,M)
  • S(x1,,xw)?1,,nw1,2,34
  • Build a vector s(S)(si,j)?S01nwS0112
  • si,j1 if xi ? j si,j0, otherwise
  • For example, take S(1,3,2,1)
  • Vector s(S) (100 111 110 100)
  • Output C?EncryptHVE(PK,s(S),M), size O(nw)

43
Application of HVE(5/15)
  • GenToken(SK,ltPagt)
  • a(a1,a2,a3,a4)?1,,nw1,2,34
  • Build a vector s(a)(si,j)?S01nwS0112
  • si,j1 if xij si,j, otherwise
  • For example, take a (2,3,1,1)
  • Vector s(a) (1 1 1 1)
  • Output TKa?GenTokenHVE(SK,s(a)), size O(w)

44
Application of HVE(6/15)
  • Query(TKa,C)
  • Run QueryHVE(TKa,C)

45
Application of HVE(7/15)
  • S(1,3,2,1) and a(2,3,1,1)
  • Pa(S)(x1?2)(x2?3)(x3?1)(x4?1)0

46
Application of HVE(8/15)
  • S(2,3,2,1) and a(2,3,1,1)
  • Pa(S)(x1?2)(x2?3)(x3?1)(x4?1)1

47
Application of HVE(9/15)
  • Conjunctive range queries
  • To search for plaintext where x?a,b
  • Encrypts the pair (x,x)
  • The predicate then tests x?a x?b

48
Application of HVE(10/15)
  • Subset queries
  • T set of size n
  • A?T
  • Subset predicate
  • PA(x)1 if x?A PA(x) 0, otherwise

49
Application of HVE(11/15)
  • Conjunctive subset predicates over Tw
  • s(A1,,Aw) where Ai?T, i1,,w
  • s?(2T)w
  • x(x1,,xw)
  • Ps(x)1, if xi?Ai ?i1,,w
  • Ps(x)0, otherwise

50
Application of HVE(12/15)
  • T1,2,3,4,5, Tn5, w4
  • A11,2,4, A23,5, A31,5, A42
  • FPs,?s?(2T)w, F2nw220

51
Application of HVE(13/15)
  • Encrypt(PK,S,M)
  • S(x1,,xw)?1,,nw1,2,3,4,54
  • Build a vector s(S)(si,j)?S01nwS0120
  • si,j1 if xi?j si,j0, otherwise
  • For example, take S(4,5,2,3)
  • Vector s(S) (11101 11110 10111 11011)
  • Output C?EncryptHVE(PK,s(S),M), size O(nw)

52
Application of HVE(14/15)
  • GenToken(SK,ltPagt)
  • a(A1,A2,A3,A4)?1,,nw1,2,3,4,54
  • Build a vector s(a)(si,j)?S01nwS0120
  • si,j1 if j?Ai si,j, otherwise
  • For example, take a (A1,A2,A3,A4)
  • A11,2,4, A23,5, A31,5, A42
  • Vector s(a) (11 111 111 1111)
  • Output TKa?GenTokenHVE(SK,s(a)), size O(nw)

53
Application of HVE(15/15)
  • S(4,5,2,3) and a(A1,A2,A3,A4)
  • A11,2,4, A23,5, A31,5, A42
  • Pa(S)(4?A1)(5?A2)(2?A3)(3?A4)0

54
Outline
  • Introduction
  • Definition
  • Brute Force Construction
  • Pairings and complexity assumption
  • Hidden Vector Encryption
  • Application of HVE
  • Conclusion

55
Conclusion(1/2)
GenTokenHVE
Conjunctive General Predicate
Predicate Vector
Token
QueryHVE
SK
Data / ?
Multi-cell Practical Value
Practical Vector
Ciphertext
PK
EncryptHVE
Data
56
Conclusion(2/2)
  • As the width of HVE is 1, the HVE scheme is
    essentially an Aonymous IBE system.
  • Improve the size of ciphertext.
  • The predicate vector and the practical vector are
    unique.
  • Composite queries.
  • Range query Subset query
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Conjunctive, Subset, and Range Queries on Encrypted Data" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!