International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Abhi Shelat

Affiliation: Northeastern University

Publications

Year
Venue
Title
2018
PKC
Multi-Key Searchable Encryption, Revisited
We consider a setting where users store their encrypted documents on a remote server and can selectively share documents with each other. A user should be able to perform keyword searches over all the documents she has access to, including the ones that others shared with her. The contents of the documents, and the search queries, should remain private from the server.This setting was considered by Popa et al. (NSDI ’14) who developed a new cryptographic primitive called Multi-Key Searchable Encryption (MKSE), together with an instantiation and an implementation within a system called Mylar, to address this goal. Unfortunately, Grubbs et al. (CCS ’16) showed that the proposed MKSE definition fails to provide basic security guarantees, and that the Mylar system is susceptible to simple attacks. Most notably, if a malicious Alice colludes with the server and shares a document with an honest Bob then the privacy of all of Bob’s search queries is lost.In this work we revisit the notion of MKSE and propose a new strengthened definition that rules out the above attacks. We then construct MKSE schemes meeting our definition. We first give a simple and efficient construction using only pseudorandom functions. This construction achieves our strong security definition at the cost of increasing the server storage overhead relative to Mylar, essentially replicating the document each time it is shared. We also show that high server storage overhead is not inherent, by giving an alternate (albeit impractical) construction that manages to avoid it using obfuscation.
2017
EUROCRYPT
2016
TCC
2016
TCC
2015
JOFC
2015
EPRINT
2015
EPRINT
2015
EPRINT
2015
ASIACRYPT
2013
TCC
2012
TCC
2011
EUROCRYPT
2011
JOFC
2010
ASIACRYPT
2009
TCC
2009
CRYPTO
2008
EPRINT
Simulatable Adaptive Oblivious Transfer
We study an adaptive variant of oblivious transfer in which a sender has N messages, of which a receiver can adaptively choose to receive k one-after-the-other, in such a way that (a) the sender learns nothing about the receiver’s selections, and (b) the receiver only learns about the k requested messages. We propose two practical protocols for this primitive that achieve a stronger security notion than previous schemes with comparable efficiency. In particular, by requiring full simulatability for both sender and receiver security, our notion prohibits a subtle selective-failure attack not addressed by the security notions achieved by previous practical schemes. Our first protocol is a very efficient generic construction from unique blind signatures in the random oracle model. The second construction does not assume random oracles, but achieves remarkable efficiency with only a constant number of group elements sent during each transfer. This second construction uses novel techniques for building efficient simulatable protocols.
2008
ASIACRYPT
2008
CRYPTO
2007
ASIACRYPT
2007
ASIACRYPT
2007
EUROCRYPT
2007
TCC
2006
CRYPTO
2005
CRYPTO
2005
TCC

Program Committees

Eurocrypt 2019
Crypto 2018
Eurocrypt 2017
Crypto 2016
TCC 2015
Asiacrypt 2014
TCC 2013
Eurocrypt 2013
Crypto 2010
PKC 2008
TCC 2008