D4.2 Security Enhancements for Basic Cryptographic Technologies

Contributing Partners

AIT, FOKUS, GUF, SIC, TUG

Executive Summary 

We present the following three main contributions in this deliverable, and give short abstracts of further scientific results within CREDENTIAL that are already published or going to be published.

Homomorphic Proxy Re-Authenticators and Applications to Verifiable Multi-User Data Aggregation. We introduce the notion of homomorphic proxy re-authenticators, a tool that adds security and verifiability guarantees to multi-user data-aggregation scenarios. It allows distinct sources to authenticate their data under their own keys, and a proxy can transform these single signatures or message authentication codes (MACs) into a MAC under a receiver’s key without having access to that key. This result was published in [63].
Towards Attribute-Based Credentials in the Cloud. Attribute-based credentials (ABCs, sometimes also anonymous credentials) are a core cryptographic building block of privacy-friendly authentication systems, allowing users to obtain credentials on attributes and prove possession of these credentials in an unlinkable fashion. We propose a new cloud-based ABC system where a dedicated cloud service (i.e., the “wallet”) can present the users’ credentials to a third party without accessing the attributes in the clear. This enables new privacy-preserving applications of ABCs “in the cloud.” This result was published in [85].
Revisiting Proxy Re-Encryption: Forward Secrecy, Improved Security, and Applications. We revisit the notion of proxy re-encryption (PRE), an enhanced public-key encryption primitive envisioned by Blaze et al. (Eurocrypt’98) and formalized by Ateniese et al. (NDSS’05) for delegating decryption rights from a delegator to a delegatee using a semi-trusted proxy. We study an attractive cryptographic property for PRE, namely that of forward secrecy. This result is going to be published at PKC 2018.
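To make the delegator / proxy / delegatee roles concrete, the following added example (not code from the deliverable or from CREDENTIAL) sketches the ElGamal-style scheme of Blaze et al. that the PRE paragraph cites as the origin of the notion. It does not implement the forward-secret construction of the deliverable; the group parameters are toy-sized and constructed for illustration, and all function names are assumptions of this example.

```python
import secrets

# Toy-sized group constructed for this example (NOT secure): p = 2q + 1,
# and G generates the subgroup of prime order Q.
P, Q, G = 1019, 509, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1          # sk in [1, q-1]
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Encrypt group element m under pk = g^a as (m * g^r, g^(a*r))."""
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)

def decrypt(sk, ct):
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)           # (g^(a*r))^(1/a) = g^r
    return (c1 * pow(g_r, -1, P)) % P

def rekey(sk_delegator, sk_delegatee):
    """Re-encryption key b/a mod q; this scheme needs both secrets to form it."""
    return (sk_delegatee * pow(sk_delegator, -1, Q)) % Q

def reencrypt(rk, ct):
    """Proxy step: turns g^(a*r) into g^(b*r); c1 is passed through unchanged."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def demo():
    a, pk_a = keygen()                         # delegator
    b, _ = keygen()                            # delegatee
    m = pow(G, 123, P)                         # message encoded as a group element
    ct_a = encrypt(pk_a, m)
    ct_b = reencrypt(rekey(a, b), ct_a)        # proxy holds only rk, never a or b
    return m, decrypt(a, ct_a), decrypt(b, ct_b)

if __name__ == "__main__":
    print(demo())
```

In this scheme the re-encryption key is bidirectional: its inverse mod q converts the delegatee's ciphertexts back to the delegator, which is one reason the proxy has to be at least semi-trusted.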