
SCIENCE CHINA Information Sciences, Volume 63 , Issue 2 : 122101(2020) https://doi.org/10.1007/s11432-019-9907-x

Intersection-policy private mutual authentication from authorized private set intersection

More info
  • Received: Mar 25, 2019
  • Accepted: May 28, 2019
  • Published: Jan 16, 2020

Abstract

Private mutual authentication (PMA) enables two-way anonymous authentication between two users certified by the same trusted group authority. Most existing PMA schemes support only a single, relatively rigid authentication policy that ensures affiliation hiding or designated single-attribute matching. However, in practice, users typically hold multiple attributes. In addition to the affiliation-hiding requirement, effectively achieving a more flexible authentication policy for multi-attribute applications remains a challenging issue. An intersection policy for authentication is also required when the attribute intersection is non-empty or its cardinality is no less than a threshold value. To solve these problems, we first propose an optimal authorized private set intersection protocol with forward security based on identity-based encryption, and then design a new PMA protocol with an intersection policy, called IP-PMA, which provides a simple solution for secret handshakes between two members (each holding multiple attributes) from the same organization. Formal security analyses prove that both proposed protocols are secure in the random oracle model. Empirical tests demonstrate that the IP-PMA protocol achieves linear complexity and may be more suitable for resource-constrained applications.


Acknowledgment

This work was supported by the National Natural Science Foundation of China (Grant Nos. 61672550, 61572028, 61300204), National Key R&D Program of China (Grant No. 2017YFB0802503), National Cryptography Development Fund (Grant No. MMJJ20180206), National Social Science Foundation of China (Grant No. 14BXW031), Natural Science Foundation of Guangdong (Grant Nos. 2019A1515011797, 2016A030310027, 2014A030313609, 2018A030313954), Project of Science and Technology of Guangzhou (Grant No. 201802010044), State Scholarship Fund of China Scholarship Council (CSC) (Grant No. 201808440097), and the Research Team of Big Data Audit from Guangdong University of Finance and Economics.


References

[1] Jarecki S, Liu X M. Private mutual authentication and conditional oblivious transfer. In: Proceedings of the 29th Annual International Cryptology Conference, Santa Barbara, 2009. 90--107.

[2] Balfanz D, Durfee G, Shankar N, et al. Secret handshakes from pairing-based key agreements. In: Proceedings of IEEE Symposium on Security and Privacy, Berkeley, 2003. 180--196.

[3] Ateniese G, Blanton M, Kirsch J. Secret handshakes with dynamic and fuzzy matching. In: Proceedings of Network and Distributed System Security Symposium, 2007. 159--177.

[4] Sahai A, Waters B. Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (Advances in Cryptology - EUROCRYPT), St. Petersburg, 2005. 457--473.

[5] Wen Y, Gong Z. Private mutual authentications with fuzzy matching. IJHPSA, 2014, 5: 3--12.

[6] Freedman M, Nissim K, Pinkas B. Efficient private matching and set intersection. In: Proceedings of the 23rd International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Interlaken, 2004. 1--19.

[7] El Defrawy K, Faber S. Blindfolded data search via secure pattern matching. Computer, 2013, 46: 68--75.

[8] de Cristofaro E, Tsudik G. Practical private set intersection protocols with linear complexity. In: Proceedings of the 14th International Conference on Financial Cryptography and Data Security, Tenerife, 2010. 143--159.

[9] de Cristofaro E, Faber S, Gasti P, et al. Genodroid: are privacy-preserving genomic tests ready for prime time? In: Proceedings of the 11th Annual ACM Workshop on Privacy in the Electronic Society, Raleigh, 2012. 97--108.

[10] Becchetti L, Bergamini L, Colesanti U M. A lightweight privacy preserving SMS-based recommendation system for mobile users. Knowl Inf Syst, 2014, 40: 49--77.

[11] Guan Z T, Zhang Y, Zhu L H. EFFECT: an efficient flexible privacy-preserving data aggregation scheme with authentication in smart grid. Sci China Inf Sci, 2019, 62: 032103.

[12] Miao Y B, Ma J F, Liu X M. Practical attribute-based multi-keyword search scheme in mobile crowdsourcing. IEEE Internet Things J, 2018, 5: 3008--3018.

[13] Miao Y B, Ma J F, Liu X M. Attribute-based keyword search over hierarchical data in cloud computing. IEEE Trans Serv Comput, 2017: 1--1.

[14] Miao Y B, Ma J F, Liu X M. Lightweight fine-grained search over encrypted data in fog computing. IEEE Trans Serv Comput, 2018: 1--1.

[15] He D B, Wang D, Xie Q. Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation. Sci China Inf Sci, 2017, 60: 052104.

[16] Castelluccia C, Jarecki S, Tsudik G. Secret handshakes from CA-oblivious encryption. In: Proceedings of the 10th International Conference on the Theory and Application of Cryptology and Information Security, Jeju Island, 2004. 293--307.

[17] Zhou L, Susilo W, Mu Y. Three-round secret handshakes based on ElGamal and DSA. In: Proceedings of the Second International Conference on Information Security Practice and Experience, Hangzhou, 2006. 332--342.

[18] Vergnaud D. RSA-based secret handshakes. In: Proceedings of International Workshop on Coding and Cryptography, Bergen, 2005. 252--274.

[19] Jarecki S, Kim J, Tsudik G. Beyond secret handshakes: affiliation-hiding authenticated key exchange. In: Proceedings of the Cryptographers' Track at the RSA Conference, San Francisco, 2008. 352--369.

[20] Wen Y M, Zhang F G, Xu L L. Secret handshakes from ID-based message recovery signatures: a new generic approach. Comput Electrical Eng, 2012, 38: 96--104.

[21] Wen Y M, Zhang F G, Xu L L. Unlinkable secret handshakes from message recovery signature. Chin J Electron, 2010, 19: 705--709.

[22] Huang H, Cao Z F. A novel and efficient unlinkable secret handshakes scheme. IEEE Commun Lett, 2009, 13: 363--365.

[23] Su R W. On the security of a novel and efficient unlinkable secret handshakes scheme. IEEE Commun Lett, 2009, 13: 712--713.

[24] Gu J, Xue Z. An improved efficient secret handshakes scheme with unlinkability. IEEE Commun Lett, 2011, 15: 486--490.

[25] Jarecki S, Liu X. Unlinkable secret handshakes and key-private group key management schemes. In: Proceedings of the 5th International Conference on Applied Cryptography and Network Security, Zhuhai, 2007. 270--287.

[26] Kawai Y, Yoneyama K, Ohta K. Secret handshake: strong anonymity definition and construction. In: Proceedings of the 5th International Conference on Information Security Practice and Experience, 2009. 219--229.

[27] Wen Y M, Zhang F G. A new revocable secret handshake scheme with backward unlinkability. In: Proceedings of the 10th European Workshop on Public Key Infrastructures, Services and Applications, Athens, 2010. 17--30.

[28] Jarecki S, Kim J, Tsudik G. Group secret handshakes or affiliation-hiding authenticated group key agreement. In: Proceedings of the Cryptographers' Track at the RSA Conference, San Francisco, 2007. 287--304.

[29] Sorniotti A, Molva R. A provably secure secret handshake with dynamic controlled matching. Comput Security, 2010, 29: 619--627.

[30] Sorniotti A, Molva R. Federated secret handshakes with support for revocation. In: Proceedings of the 12th International Conference on Information and Communications Security, Barcelona, 2010. 218--234.

[31] Hou L, Lai J Z, Liu L X. Secret handshakes with dynamic express matching policy. In: Proceedings of the 21st Australasian Conference on Information Security and Privacy, 2016. 461--476.

[32] Wen Y M, Gong Z. A dynamic matching secret handshake scheme without random oracles. In: Proceedings of the 8th International Conference on Network and System Security, Xi'an, 2014. 409--420.

[33] Lu R X, Lin X D, Liang X H. A secure handshake scheme with symptoms-matching for mHealthcare social network. Mobile Netw Appl, 2011, 16: 683--694.

[34] He D B, Kumar N, Wang H Q. A provably-secure cross-domain handshake scheme with symptoms-matching for mobile healthcare social network. IEEE Trans Dependable Secure Comput, 2018, 15: 633--645.

[35] Tian Y G, Zhang S W, Yang G M, et al. Privacy-preserving k-time authenticated secret handshakes. In: Proceedings of the Australasian Conference on Information Security and Privacy (ACISP 2017), Auckland, 2017. 281--300.

[36] Tian Y G, Li Y J, Zhang Y H, et al. DSH: deniable secret handshake framework. In: Proceedings of the 14th International Conference on Information Security Practice and Experience (ISPEC 2018), Tokyo, 2018. 341--353.

[37] Ateniese G, Francati D, Nuñez D, et al. Match me if you can: matchmaking encryption and its applications. https://eprint.iacr.org/2018/1094.

[38] Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology - CRYPTO, Santa Barbara, 2001. 514--532.

[39] de Cristofaro E, Jarecki S, Kim J, et al. Privacy-preserving policy-based information transfer. In: Proceedings of the 9th International Symposium on Privacy Enhancing Technologies, Seattle, 2009. 164--184.

[40] de Cristofaro E, Kim J, Tsudik G. Linear-complexity private set intersection protocols secure in malicious model. In: Proceedings of the 16th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT), Singapore, 2010. 213--231.

  • Figure 1 (image not reproduced): (Color online) Illustration of the PMA scenario.

  • Figure 2 (image not reproduced): (Color online) Performance trends of computation costs. (a) PMA; (b) AddMember.

  • Table 1   Comparison of related PMA schemes

    | Operation                | ABK07 [3]                                  | WZ14 [5]                                      | IP-PMA                                                          |
    |--------------------------|--------------------------------------------|-----------------------------------------------|-----------------------------------------------------------------|
    | Setup                    | $(2n+3)T_{\rm e}$                          | $-$                                           | $-$                                                             |
    | CreateGroup              | $-$                                        | $T_{\rm e}$                                   | $T_{\rm sm}$                                                    |
    | AddMember                | $n(n+6)T_{\rm e}$                          | $n(n+6)T_{\rm e}$                             | $n(T_{\rm sm}+T_{\rm H})$                                       |
    | PMA                      | $(2d+1)T_{\rm p}+(n(n+4)+d+2)T_{\rm e}$    | $(2d+2)T_{\rm p}+(n(n+4)+4n+d+2)T_{\rm e}$    | $2T_{\rm sm}+(3n+1)T_{\rm p}+(2n+1)T_{\rm e}+(n+1)T_{\rm H}$    |
    | Communication complexity | $2(n+1)\lvert\mathbb{G}_1\rvert$           | $6n\lvert\mathbb{G}_1\rvert+2\lvert\mathbb{Z}_q\rvert$ | $2(\lvert\mathbb{G}\rvert+n\lvert\kappa\rvert)$        |
    | Intersection computation | Must be prepared in advance                | Must be prepared in advance                   | No advance preparation needed                                   |

Copyright 2020 China Science Publishing & Media Ltd. All rights reserved.