Sonia Jahid, Prateek Mittal, Nikita Borisov University of Illinois at Urbana-Champaign Presented by Nikita Borisov ASIACCS 2011

2

 Encrypt social network data  flyByNight [Lucas&Borisov’08]  NOYB [Guha et al.’09]  FaceCloak [Luo et al.’09]  Persona [Baden et al.’09]  Users directly control access  Grant access by distributing keys  Revoke access by…? 3

4 Alice Bob CarolDiana Existing Data Our Contribution: Efficient revocation without rekeying or re- encryption, by using a minimally trusted proxy Our Contribution: Efficient revocation without rekeying or re- encryption, by using a minimally trusted proxy Re-encrypt

5 Bob CarolDiana KeyProxy (Revoke Bob) Proxy Modified CT component CT component PK, MK 1 AND Colleague Neighbor OR Friend friend, neighbor colleague friend, colleague Alice Setup KeyGen Encrypt Revoke /KeyProxy Revoke /KeyProxy Convert Decrypt

6 SK r,r1 SK r,r 2 SK r,r3 SK r,r 4 CT CT ’ SK Convert Point to Determine, P(0)

 Immediate revocation  As soon as proxy updated  Including past data  Minimally trusted proxy  Cannot decrypt data  Cannot “unrevoke” users even if compromised 7

8

9

 Conventional revocation  Rekey 500 friends: 5s  Decrypt 2000 items: 13s  Encrypt 2000 items: 36s  EASiER: 1.5s 10

11

 We introduced an efficient revocation scheme for ABE  Useful in OSNs  Potential uses in other ABE deployments  Open problems  Forward security of proxy  Stronger security proofs 12 Sonia Jahid Prateek Mittal

13 Sonia Jahid Prateek Mittal