Collaborative Research: SaTC: CORE: Medium: Removing Trust Assumptions from Encryption Systems

协作研究：SaTC：核心：中：从加密系统中删除信任假设

• 批准号: 2318701
• 负责人: David Wu
• 金额: $ 60万
• 依托单位: University of Texas at Austin
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2318701&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Medium

Public-key encryption is the basis for secure communication on the Internet. In a public-key encryption scheme, anyone can encrypt a message using a user's public key with the assurance that only the designated recipient can decrypt the message. In the last 25 years, functional encryption has emerged as a generalization of public-key encryption to provide fine-grained control to encrypted data. For instance, one can encrypt a message such that only users possessing a certain credential can decrypt. While functional encryption has enabled new capabilities, it does so at the cost of introducing a new trust model. In public-key encryption, individual users generate their own secret keys, whereas in functional encryption, the power is vested in a central trusted authority. If compromised, the attacker gains the ability to decrypt every ciphertext in the system. The central goal of this project is to develop new cryptographic mechanisms to reduce the trust assumptions needed to realize the expressive capabilities of functional encryption. Additionally, this project seeks to strengthen the network of cryptography researchers in Texas through semi-annual workshops for researchers and graduate students as well as providing mentoring and educational opportunities for undergraduates and high-school students.The goal of this project is to develop new techniques to reduce the amount of trust needed in advanced encryption schemes. The primary focus will be on two different models: (1) a registration-based model; and (2) a multi-authority model. In the registration-based model for functional encryption, the trusted key issuer is replaced with an untrusted key aggregator. To join the system, users register their public key with the key aggregator. The key aggregator is a deterministic, transparent algorithm whose sole responsibility is aggregating public keys into a single short public key. This aggregated key then functions as the public key for the encryption scheme. This project will explore new avenues for constructing different notions of functional encryption (e.g., attribute-based encryption and broadcast encryption) in the registration-based model. The second main approach for reducing trust is the multi-authority model where instead of a single trusted authority, there are many independent key-issuing authorities. In this setting, a single compromised authority no longer jeopardizes security of the entire system. This project will explore new approaches for realizing multi-authority encryption schemes.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

公钥加密是在Internet上进行安全通信的基础。在公开密钥的加密方案中，任何人都可以使用用户的公钥加密消息，并保证只有指定的收件人才能解密消息。在过去的25年中，功能加密已成为公开加密的概括，可为加密数据提供细粒度的控制。例如，可以对消息进行加密，以便只有拥有一定凭据可以解密的用户。尽管功能加密已启用了新功能，但它以引入新的信任模型为代价。在公钥加密中，单个用户生成了自己的秘密密钥，而在功能加密中，该功率归属于中央信任的权威。如果受到妥协，攻击者将获得解密系统中每个密文的能力。该项目的核心目标是开发新的加密机制，以减少实现功能加密表达能力所需的信任假设。此外，该项目旨在通过为研究人员和研究生的半年度讲习班加强德克萨斯州的加密研究人员网络，并为本科生和高中生提供指导和教育机会。该项目的目标是开发新技术以减少高级加密计划所需的信任量。主要重点将放在两个不同的模型上：（1）基于注册的模型； （2）多权威模型。在基于注册的功能加密模型中，受信任的密钥发行者被不受信任的密钥聚合器取代。要加入系统，用户将其公共密钥注册为密钥聚合器。关键聚合器是一种确定性，透明的算法，其唯一责任是将公共钥匙汇总为一个简短的公共密钥。然后，该汇总的密钥可作为加密方案的公共密钥。该项目将探索用于构建基于注册模型中不同功能加密概念（例如，基于属性的加密和广播加密）的新途径。减少信任的第二个主要方法是多权利模型，其中有许多独立的钥匙发行当局，而不是单个可信赖的权威。在这种情况下，单个损害的权威不再危害整个系统的安全性。该项目将探讨实现多授权加密计划的新方法。该奖项反映了NSF的法定使命，并被认为是值得通过基金会的知识分子优点和更广泛的影响评估标准通过评估来支持的。

项目成果

Realizing Flexible Broadcast Encryption: How to Broadcast to a Public-Key Directory

• DOI: 10.1145/3576915.3623168
• 发表时间: 2023-11
• 期刊: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security
• 作者: R. Garg;George Lu;Brent Waters;David J. Wu