unbounded abe via bilinear entropy expansion revisited
play

Unbounded ABE via Bilinear Entropy Expansion, Revisited Jie Chen - PowerPoint PPT Presentation

Oct 21, 2022 •384 likes •1.21k views

Unbounded ABE via Bilinear Entropy Expansion, Revisited Jie Chen Junqing Gong Lucas Kowalczyk Hoeteck Wee ECNU ENS de Lyon Columbia University ENS & CNRS attribute-based encryption (ABE) [SW05, GPSW06] 1 attribute-based encryption

  1. Unbounded ABE via Bilinear Entropy Expansion, Revisited Jie Chen Junqing Gong Lucas Kowalczyk Hoeteck Wee ECNU ENS de Lyon Columbia University ENS & CNRS

  2. attribute-based encryption (ABE) [SW05, GPSW06] 1

  3. attribute-based encryption (ABE) [SW05, GPSW06] !"# !$# 2

  4. attribute-based encryption (ABE) [SW05, GPSW06] $%" $!" !" # (’CS’ and ‘PhD’) or ‘Professor’ !" & ’CS’ and ‘PhD’ !" ' ’EE’ and ‘Professor’ 3

  5. attribute-based encryption (ABE) [SW05, GPSW06] $%" $!" !" # (’CS’ and ‘PhD’) or ‘Professor’ !" & enc($) ’CS’ and ‘PhD’ (’CS’, ’Professor’) !" ' ’EE’ and ‘Professor’ 4

  6. attribute-based encryption (ABE) [SW05, GPSW06] (’CS’ and ‘PhD’) or ‘Professor’ ’CS’ and ‘PhD’ (’CS’, ’Professor’) ’EE’ and ‘Professor’ 5

  7. attribute-based encryption (ABE) [SW05, GPSW06] (’CS’ and ‘PhD’) or ‘Professor’ ’CS’ and ‘PhD’ (’CS’, ’Professor’) ’EE’ and ‘Professor’ 6

  8. attribute-based encryption (ABE) [SW05, GPSW06] (’CS’ and ‘PhD’) or ‘Professor’ ’CS’ and ‘PhD’ (’CS’, ’Professor’) collusion ’EE’ and ‘Professor’ 7

  9. attribute-based encryption (ABE) [SW05, GPSW06] &'" &!" !" # (’CS’ and ‘PhD’) or ‘Professor’ !" $ enc(&) ’CS’ and ‘PhD’ (’CS’, ’Professor’) !" % ’EE’ and ‘Professor’ 8

  10. attribute-based encryption (ABE) [SW05, GPSW06] &'" &!" !" # (’CS’ and ‘PhD’) or ‘Professor’ !" $ enc(&) ’CS’ and ‘PhD’ (’CS’, ’Professor’) !" % all attributes: [.] = {1, 2, ⋯ , .} ’EE’ and ‘Professor’ 9

  11. attribute-based encryption (ABE) [SW05, GPSW06] -., -+, +, " ! " # = true +, % enc(-) ! % # = false # ⊆ [)] +, & ! & # = false all attributes: [)] = {1, 2, ⋯ , )} 10

  12. ABE !"# = % & bounded !"# + , ' = true + - ' = false ' ⊆ [&] + . ' = false all attributes: [&] = {1, 2, ⋯ , &} 11

  13. unbounded ABE )*+ = , - bounded unbounded !"# = %(') [ LewkoWaters11 ] )*+ 2 3 . = true 2 4 . = false . ⊆ [-] 2 5 . = false all attributes: [-] = {1, 2, ⋯ , -} 12

  14. state of the art • L ewko W aters11 efficient (bilinear) groups prime-order - asymmetric • O kamoto T akashima12 • R ouselakis W aters13 adaptive security • Att rapadung14 adversary can choose the target at any time • K owalczyk L ewko15 • Att rapadung16 standard assumption • A grawal C hase17 ! -Lin, DLin and more - without random oracle 13

  15. state of the art • L ewko W aters11 efficient (bilinear) groups prime-order - asymmetric • O kamoto T akashima12 • R ouselakis W aters13 adaptive security • Att rapadung14 adversary can choose the target at any time • K owalczyk L ewko15 • Att rapadung16 static assumption • A grawal C hase17 ! -Lin, DLin and more 14

  16. state of the art efficient (bilinear) groups prime-order - asymmetric • O kamoto T akashima12 adaptive security adversary can choose the target at any time static assumption ! -Lin, DLin and more 15

  17. this work new and simpler unbounded ABE schemes - more efficient : 40% shorter ciphertext/key; or - more expressive : arithmetic span program 16

  18. this work new and simpler unbounded ABE schemes � more efficient : 40% shorter ciphertext/keyor - more expressive : arithmetic span program 17

  19. this work new and simpler unbounded ABE schemes � more efficient : 40% shorter ciphertext/key � more expressive : arithmetic span program 18

  20. this work new and simpler unbounded ABE schemes � more efficient : 40% shorter ciphertext/key � more expressive : arithmetic span program unbounded ABE compiler bounded ABE scheme 19

  21. this work new and simpler unbounded ABE schemes � more efficient : 40% shorter ciphertext/key � more expressive : arithmetic span program unbounded ABE compiler bounded ABE scheme entropy expansion lemma proof 20

  22. this work new and simpler unbounded ABE schemes � more efficient : 40% shorter ciphertext/key � more expressive : arithmetic span program unbounded ABE compiler bounded ABE [ LOSTW10 ] � scheme [ IW14 ] � 21

  23. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma 22

  24. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma bilinear group of composite order ! " ! # 23

  25. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma bilinear group of composite order $ % $ & ! ℍ ! " 24

  26. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma bilinear group of composite order ( ) ( * #: ! × ℍ ! " ⟶ 25

  27. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma bilinear group of composite order + , + - #: ! × ℍ ! " ⟶ ⋅ ( ) ( * .1 -subgroup .2 -subgroup 26

  28. compiler & lemma unbounded ABE compiler bounded ABE entropy expansion lemma bilinear group of composite order + , + - #: ! × ℍ ! " ⟶ ⋅ ⋅ ( ) ( * ℎ ) ℎ * .1 -subgroup .2 -subgroup .1 -subgroup .2 -subgroup 27

  29. compiler & lemma unbounded ABE compiler bounded ABE 28

  30. compiler & lemma unbounded ABE compiler bounded ABE * - ) * + , … , ' ( ! "#$ = ( ' ( , ' ( # ( -subgroup 29

  31. compiler & lemma unbounded ABE compiler bounded ABE * - ) * + , … , ' ( ! "#$ = ( ' ( , ' ( /* 0 , ' ( / ' ( ct 1 ∈ 3 # ( -subgroup 30

  32. compiler & lemma unbounded ABE compiler bounded ABE * - ) * + , … , ' ( ! "#$ = ( ' ( , ' ( /* 0 , ' ( / ' ( ct 1 ∈ 3 # ( -subgroup 31

  33. compiler & lemma unbounded ABE compiler bounded ABE * - ) * + , … , ' ( ! "#$ = ( ' ( , ' ( /* 0 , ' ( / ' ( ct 3 ∈ 5 2* 0 , ℎ ( 2 ℎ ( sk 3 ∈ 5 # ( -subgroup 32

  34. compiler & lemma unbounded ABE compiler bounded ABE / + ) * - ) / 0 , ' ( * + , … , ' ( ! "#$ = ( ' ( , ' ( "#$ = ( ' ( , ' ( 4* 5 , ' ( 4 ' ( ct 1 ∈ 3 7* 5 , ℎ ( 7 ℎ ( sk 1 ∈ 3 # ( -subgroup # ( -subgroup 33

  35. compiler & lemma unbounded ABE compiler bounded ABE / + ) * - ) / 0 , ' ( * + , … , ' ( ! "#$ = ( ' ( , ' ( "#$ = ( ' ( , ' ( 1 2 + 4 5 1 ( ⟻ 7 8 ;* < , ' ( ; ' ( ct 4 ∈ : >* < , ℎ ( > ℎ ( sk 4 ∈ : [ LewkoWaters11 ] # ( -subgroup # ( -subgroup 34

  36. compiler & lemma unbounded ABE compiler bounded ABE / + ) * - ) / 0 , ' ( * + , … , ' ( ! "#$ = ( ' ( , ' ( "#$ = ( ' ( , ' ( : ; + 1 = : ( ⟻ ? 6 4 / 0 56⋅/ + , ' ( 4* @ , ' ( 4 4 ' ( ct 1 ∈ 3 1 ∈ 3 ' ( 9 / 0 56⋅/ + , ℎ ( 9* @ , ℎ ( 9 9 1 ∈ 3 ℎ ( sk ℎ ( 1 ∈ 3 [ LewkoWaters11 ] # ( -subgroup # ( -subgroup 35

  37. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma / + ) * - ) / 0 , ' ( * + , … , ' ( ! "#$ = ( ' ( , ' ( "#$ = ( ' ( , ' ( 4 / 0 56⋅/ + , ' ( 4* : , ' ( 4 4 ' ( ct 1 ∈ 3 1 ∈ 3 ' ( 9 / 0 56⋅/ + , ℎ ( 9* : , ℎ ( 9 9 1 ∈ 3 ℎ ( sk ℎ ( 1 ∈ 3 # ( -subgroup # ( -subgroup 36

  38. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma 0 , ) + . ) 0 1 , ( ) + , , … , ( ) " #$% = ( ( ) , ( ) #$% = ( ( ) , ( ) ≈ 5 0 1 67⋅0 , , ( ) 5+ ; , ( ) 5 5 ( ) ct 2 ∈ 4 2 ∈ 4 ( ) : 0 1 67⋅0 , , ℎ ) :+ ; , ℎ ) : : 2 ∈ 4 ℎ ) sk ℎ ) 2 ∈ 4 $ ) -subgroup $ ) -subgroup 37

  39. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma 0 , ) + . ) 0 1 , ( ) + , , … , ( ) " #$% = ( ( ) , ( ) #$% = ( ( ) , ( ) ≈ / 5 0 1 67⋅0 , , ( ) 5+ ; , ( ) 5 5 ( ) ct 2 ∈ 4 2 ∈ 4 ( ) : 0 1 67⋅0 , , ℎ ) :+ ; , ℎ ) : : 2 ∈ 4 ℎ ) sk ℎ ) 2 ∈ 4 $ ) -subgroup $ ) -subgroup 38

  40. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma 0 2 ) 0 1 , & / +$, = ( & / , & / ' 0 1 45⋅0 2 , & / '( ) , & % ' ' & % ct ! ∈ # ! ∈ # & / 8 0 1 45⋅0 2 , ℎ / 8( ) , ℎ % 8 8 ! ∈ # ℎ % sk ℎ / ! ∈ # $ / -subgroup $ % -subgroup 39

  41. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma 2 4 ) 2 4 ) 2 3 , ( 1 2 3 , ( 1 -$. = ( ( 1 , ( 1 -$. = ( ( 1 , ( 1 ≈ ⋅ ) 2 3 67⋅2 4 , ( 1 ) 2 3 67⋅2 4 , ( 1 )* + , ( % ) ) ) ( % ct ! ∈ # ! ∈ # ( 1 ( 1 ! ∈ # 9 2 3 67⋅2 4 , ℎ 1 9 2 3 67⋅2 4 , ℎ 1 9* + , ℎ % 9 9 9 ! ∈ # ℎ % sk ℎ 1 ℎ 1 ! ∈ # ! ∈ # $ 1 -subgroup $ 1 -subgroup $ % -subgroup 40

  42. compiler & lemma unbounded ABE bounded ABE entropy expansion lemma 2 4 ) 2 4 ) 2 3 , ( 1 2 3 , ( 1 -$. = ( ( 1 , ( 1 -$. = ( ( 1 , ( 1 ≈ ⋅ ) 2 3 67⋅2 4 , ( 1 ) 2 3 67⋅2 4 , ( 1 )* + , ( % ) ) ) ( % ct ! ∈ # ! ∈ # ( 1 ( 1 ! ∈ # 9 2 3 67⋅2 4 , ℎ 1 9 2 3 67⋅2 4 , ℎ 1 9* + , ℎ % 9 9 9 ! ∈ # ℎ % sk ℎ 1 ℎ 1 ! ∈ # ! ∈ # $ 1 -subgroup $ 1 -subgroup $ % -subgroup dual system method [Waters09] 41

Recommend

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of a discrete random variable. Properties: H(x) &gt;= 0 Entropy Entropy Lesser the probability for an event, larger the entropy.

471 views • 21 slides
Physics 115 General Physics II Session 13 Specific heats revisited Entropy R. J. Wilkes

Physics 115 General Physics II Session 13 Specific heats revisited Entropy R. J. Wilkes

Physics 115 General Physics II Session 13 Specific heats revisited Entropy R. J. Wilkes Email: phy115a@u.washington.edu Home page: http://courses.washington.edu/phy115a/ 4/22/14 Physics 115 1 Lecture Schedule (up to exam 2)

552 views • 18 slides
Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S) Entropy is o8en related to disorder but not strictly correct Entropy is a measure

351 views • 8 slides
Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1

Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1

Entropy Entropy Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1 Entropy Entropy and Information Joint Entropy Frank Keller Conditional Entropy School of Informatics University of Edinburgh

81 views • 4 slides
Entropy Change in Entropy Reversible Isobaric Process Ideal Gas in a Reversible Process Free

Entropy Change in Entropy Reversible Isobaric Process Ideal Gas in a Reversible Process Free

Entropy Change in Entropy Reversible Isobaric Process Ideal Gas in a Reversible Process Free Expansion of an Ideal Gas Microscopic Interpretation of Entropy Entropy and the Second Law of Thermodynamics

466 views • 11 slides
Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the

Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the

Outline Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the Technion) Huffman coding Arithmetic coding Lempel-Ziv coding 2 Entropy Definitions Alphabet : A finite set containing at least

402 views • 10 slides
HAVEGE HArdware Volatile Entropy Gathering and Expansion Unpredictable random number generation

HAVEGE HArdware Volatile Entropy Gathering and Expansion Unpredictable random number generation

HAVEGE HArdware Volatile Entropy Gathering and Expansion Unpredictable random number generation at user level Andr Seznec Nicolas Sendrier Andr Seznec Caps Team IRISA/INRIA Unpredictable random numbers Unpredictable =

597 views • 48 slides
Pairing-Based Cryptography &amp; Generic Groups Lecture 22 1 Bilinear Pairing 2 Bilinear

Pairing-Based Cryptography &amp; Generic Groups Lecture 22 1 Bilinear Pairing 2 Bilinear

Pairing-Based Cryptography &amp; Generic Groups Lecture 22 1 Bilinear Pairing 2 Bilinear Pairing Two (or three) groups with an efficient pairing operation, e: G x G G T that is bilinear 2 Bilinear Pairing Two (or three) groups

1.06k views • 102 slides
Abstract rule representations in a Abstract rule representations in a bilinear model bilinear

Abstract rule representations in a Abstract rule representations in a bilinear model bilinear

Abstract rule representations in a Abstract rule representations in a bilinear model bilinear model Computational and Systems Neuroscience Conference, 2009 Kai Krueger and Peter Dayan Gatsby Computational Neuroscience Unit Introduction A key

441 views • 16 slides
Pairing-Based Cryptography &amp; Generic Groups Lecture 21 Bilinear Pairing Bilinear Pairing

Pairing-Based Cryptography &amp; Generic Groups Lecture 21 Bilinear Pairing Bilinear Pairing

Pairing-Based Cryptography &amp; Generic Groups Lecture 21 Bilinear Pairing Bilinear Pairing Two (or three) groups with an efficient pairing operation, e: G x G G T that is bilinear Bilinear Pairing Two (or three) groups with an

1.67k views • 118 slides
Pairing-Based Cryptography &amp; Generic Groups Lecture 22 Bilinear Pairing Bilinear Pairing

Pairing-Based Cryptography &amp; Generic Groups Lecture 22 Bilinear Pairing Bilinear Pairing

Pairing-Based Cryptography &amp; Generic Groups Lecture 22 Bilinear Pairing Bilinear Pairing Two (or three) groups with an efficient pairing operation, e: G x G G T that is bilinear Bilinear Pairing Two (or three) groups with an

1.44k views • 105 slides
Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically

Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically

Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically - defined thermodynamic quantity that helps to account for the flow of energy through a thermodynamic process. 2 What is

467 views • 13 slides
Weakly-coupled bilinear quantum systems Thomas Chambrion Nabile Boussad (Besanon) and Marco

Weakly-coupled bilinear quantum systems Thomas Chambrion Nabile Boussad (Besanon) and Marco

Bilinear quantum systems Averaging techniques Examples Conclusion Weakly-coupled bilinear quantum systems Thomas Chambrion Nabile Boussad (Besanon) and Marco Caponigro (Rutgers) PICOF 2012. April 24, 2012 Bilinear quantum systems

776 views • 28 slides
E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION

E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION

E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION Entropy measures exponential complexity in a topological dynamical system: topological entropy very crude, entropy function on invariant

556 views • 23 slides
Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and

Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and

Hom and Ext, Revisited Hom and Ext, Revisited Justin Lyle Lawrence, KS justin.lyle@ku.edu April 28, 2018 JL Hom and Ext, Revisited Hom and Ext, Revisited Joint work with Hailong Dao and Mohammad Eghbali JL Hom and Ext, Revisited Hom

871 views • 45 slides
Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute

Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute

Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute of Communication Engineering National Taipei University Chapter Outline Chap. 2 Entropy, Relative Entropy, and Mutual Information 2.1 Entropy 2.2

752 views • 51 slides
Ranking-Based Voting How to Describe . . . Revisited: Maximum Utility-Based Decision . . . How

Ranking-Based Voting How to Describe . . . Revisited: Maximum Utility-Based Decision . . . How

Need for Voting and . . . What Information Can . . . Ranking-Based . . . Why Borda Count? Ranking-Based Voting How to Describe . . . Revisited: Maximum Utility-Based Decision . . . How to Make a Group . . . Entropy Approach Case of

468 views • 28 slides
Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of

Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of

Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of bits actually required to store data. Entropy is sometimes called a measure of surprise A highly predictable sequence contains little actual

293 views • 16 slides
ARE THE SHANNON ENTROPY AND RESIDUAL ENTROPY SYNONYMS? H = R 0 ? MARKO POPOVIC DEPARTMENT OF

ARE THE SHANNON ENTROPY AND RESIDUAL ENTROPY SYNONYMS? H = R 0 ? MARKO POPOVIC DEPARTMENT OF

ARE THE SHANNON ENTROPY AND RESIDUAL ENTROPY SYNONYMS? H = R 0 ? MARKO POPOVIC DEPARTMENT OF CHEMISTRY AND BIOCHEMISTRY, BYU, PROVO, UT 84602, POPOVIC.PASA@GMAIL.COM Thermodynamic entropy - S (J/K) At T=0K ideal crystal imperfect

560 views • 21 slides
Infotheory for Statistics and Learning Lecture 1 Entropy Relative entropy Mutual

Infotheory for Statistics and Learning Lecture 1 Entropy Relative entropy Mutual

Infotheory for Statistics and Learning Lecture 1 Entropy Relative entropy Mutual information f -divergence Mikael Skoglund 1/16 Entropy Over ( R , B ) , consider a discrete RV X with all probability in a countable set X B ,

538 views • 8 slides
Small Normalized Boolean Circuits for Semi-disjoint Bilinear Forms Require Logarithmic

Small Normalized Boolean Circuits for Semi-disjoint Bilinear Forms Require Logarithmic

Small Normalized Boolean Circuits for Semi-disjoint Bilinear Forms Require Logarithmic Conjunction-depth Andrzej Lingas, Lund university CCC 2018 0-0 Semi-disjoint Bilinear Form A set F of quadratic polynomials over a semi-ring,

349 views • 22 slides
Chapter 14: Fourier Transforms and Boundary Value Problems in an Unbounded Region Department of

Chapter 14: Fourier Transforms and Boundary Value Problems in an Unbounded Region Department of

Fourier Transforms BVPs in an Unbounded Region Chapter 14: Fourier Transforms and Boundary Value Problems in an Unbounded Region Department of Electrical Engineering National Taiwan University ihwang@ntu.edu.tw December 25, 2013 1 / 27

459 views • 27 slides
Model Uncertainty and Robustness: Entropy Coherent and Entropy Convex Measures of Risk Roger J.

Model Uncertainty and Robustness: Entropy Coherent and Entropy Convex Measures of Risk Roger J.

Model Uncertainty and Robustness: Entropy Coherent and Entropy Convex Measures of Risk Roger J. A. Laeven Dept. of Econometrics and OR Tilburg University, CentER and Eurandom based on joint work with Mitja Stadje August 30, 2011 Entropy

442 views • 40 slides
Comparison Between Bayesian and Maximum Entropy Analysis of Flow Networks 1 Maximum Entropy

Comparison Between Bayesian and Maximum Entropy Analysis of Flow Networks 1 Maximum Entropy

Comparison Between Bayesian and Maximum Entropy Analysis of Flow Networks 1 Maximum Entropy The Maximum Entropy (MaxEnt) method is a methodology to assign or update probability distributions to describe systems which are not completely

202 views • 17 slides

More recommend