Skip to main content
placeholder image

New constructions of OSBE schemes and their applications in oblivious access control

Journal Article


Download full-text (Open Access)

Abstract


  • Oblivious signature-based envelope (OSBE) schemes have demonstrated their potential applications in the protection of users privacy and rights. In an OSBE protocol, an encrypted message can only be decrypted by the receiver who holds a valid signature on a public message, while the sender (encrypter) does not know whether the receiver has the signature or not. Our major contributions in this work lie in the following aspects. We improve the notion of OSBE so that a valid credential holder cannot share his/her credential with other users (i. e., all-or-nothing non-transferability). We clarify the relationship between one-round OSBE and identity-based encryption (IBE) and show that one-round OSBE and semantically secure IBE against the adaptively chosen identity attack (IND-ID-CPA) are equivalent, if the signature in the OSBE scheme is existentially unforgeable against adaptively chosen message attacks. We propose an oblivious access control scheme to protect user privacy without the aid of any zero-knowledge proof. Finally, we also highlight some other novel applications of OSBE, such as attributed-based encryption. © 2012 Springer-Verlag.

Publication Date


  • 2012

Citation


  • Han, J., Susilo, W., Mu, Y. & Yan, J. (2012). New constructions of OSBE schemes and their applications in oblivious access control. International Journal of Information Security, 11 (6), 389-401.

Scopus Eid


  • 2-s2.0-84867692887

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=9645&context=infopapers

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/2309

Number Of Pages


  • 12

Start Page


  • 389

End Page


  • 401

Volume


  • 11

Issue


  • 6

Abstract


  • Oblivious signature-based envelope (OSBE) schemes have demonstrated their potential applications in the protection of users privacy and rights. In an OSBE protocol, an encrypted message can only be decrypted by the receiver who holds a valid signature on a public message, while the sender (encrypter) does not know whether the receiver has the signature or not. Our major contributions in this work lie in the following aspects. We improve the notion of OSBE so that a valid credential holder cannot share his/her credential with other users (i. e., all-or-nothing non-transferability). We clarify the relationship between one-round OSBE and identity-based encryption (IBE) and show that one-round OSBE and semantically secure IBE against the adaptively chosen identity attack (IND-ID-CPA) are equivalent, if the signature in the OSBE scheme is existentially unforgeable against adaptively chosen message attacks. We propose an oblivious access control scheme to protect user privacy without the aid of any zero-knowledge proof. Finally, we also highlight some other novel applications of OSBE, such as attributed-based encryption. © 2012 Springer-Verlag.

Publication Date


  • 2012

Citation


  • Han, J., Susilo, W., Mu, Y. & Yan, J. (2012). New constructions of OSBE schemes and their applications in oblivious access control. International Journal of Information Security, 11 (6), 389-401.

Scopus Eid


  • 2-s2.0-84867692887

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=9645&context=infopapers

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/2309

Number Of Pages


  • 12

Start Page


  • 389

End Page


  • 401

Volume


  • 11

Issue


  • 6