Conference
Provable Security
About: Provable Security is an academic conference. The conference publishes mainly in the areas of Encryption and Computer science. Over its lifetime, the conference has published 356 publications, which have received 4172 citations.
Papers
1 Nov 2007
TL;DR: In this paper, a more compact, integrated, and comprehensive formulation of the Canetti-Krawczyk security model for authenticated key exchange (AKE) protocols is presented.
Abstract: Recent work by Krawczyk [12] and Menezes [16] has highlighted the importance of understanding well the guarantees and limitations of formal security models when using them to prove the security of protocols. In this paper we focus on security models for authenticated key exchange (AKE) protocols. We observe that there are several classes of attacks on AKE protocols that lie outside the scope of the Canetti-Krawczyk model. Some of these additional attacks have already been considered by Krawczyk [12]. In an attempt to bring these attacks within the scope of the security model we extend the Canetti-Krawczyk model for AKE security by providing significantly greater powers to the adversary. Our contribution is a more compact, integrated, and comprehensive formulation of the security model. We then introduce a new AKE protocol called NAXOS and prove that it is secure against these stronger adversaries.
743 citations
30 Oct 2008
TL;DR: This analysis evaluates the composition of key exchange functionalities realized by the TLS handshake with the message transmission of the TLS record layer to emulate secure communication sessions and is based on the adaption of the secure channel model from Canetti and Krawczyk to the setting where peer identities are not necessarily known prior to the protocol invocation and may remain undisclosed.
Abstract: We present a security analysis of the complete TLS protocol in the Universal Composable security framework. This analysis evaluates the composition of key exchange functionalities realized by the TLS handshake with the message transmission of the TLS record layer to emulate secure communication sessions and is based on the adaption of the secure channel model from Canetti and Krawczyk to the setting where peer identities are not necessarily known prior to the protocol invocation and may remain undisclosed. Our analysis shows that TLS, including the Diffie-Hellman and key transport suites in the uni-directional and bi-directional models of authentication, securely emulates secure communication sessions.
107 citations
1 Nov 2007
TL;DR: A proper security model for decryptable searchable encryption is defined and it is shown that basic security requirements on the underlying KEM and IDKEM are enough for the generic construction to be strongly secure in the random oracle model.
Abstract: As such, public-key encryption with keyword search (a.k.a. PEKS or searchable encryption) does not allow the recipient to decrypt keywords, i.e., encryption is not invertible. This paper introduces searchable encryption schemes which enable decryption. An additional feature is that the decryption key and the trapdoor derivation key are totally independent, thereby complying with many contexts of application. We put forward a seemingly optimal construction for decryptable searchable encryption which makes use of one KEM, one IDKEM and a couple of hash functions. We define a proper security model for decryptable searchable encryption and show that basic security requirements on the underlying KEM and IDKEM are enough for our generic construction to be strongly secure in the random oracle model.
103 citations
9 Oct 2014
TL;DR: The proposed CP-ABE scheme is proven selective-secure in the random oracle model under the decision n-Bilinear Diffie-Hellman Exponent (n-BDHE) assumption, where n represents the total number of attributes in the universe.
Abstract: Ciphertext-policy attribute-based encryption (CP-ABE) is extremely suitable for the cloud computing environment in that it enables data owners to make and enforce access policies themselves. However, most of the existing CP-ABE schemes suffer severe efficiency drawbacks due to large computation cost and ciphertext size, both of which linearly increase with the complexity of access policies. Aiming at tackling the challenge above, in this paper, we propose a CP-ABE scheme which features constant computation cost and constant-size ciphertexts. The proposed CP-ABE scheme is proven selective-secure in the random oracle model under the decision n-Bilinear Diffie-Hellman Exponent (n-BDHE) assumption, where n represents the total number of attributes in the universe. In particular, the proposed scheme can efficiently support AND-gate access policies with multiple attribute values and wildcards. Performance comparisons indicate that the proposed CP-ABE scheme is promising in real-world applications, especially for the scenarios where computation and bandwidth issues are major concerns.
80 citations
10 Nov 2016
TL;DR: An expressive CP-ABE scheme with partially hidden access structures in prime-order groups is presented, and a few other schemes supporting expressive access structures are computationally inefficient since they are built from bilinear pairings over the composite-order groups.
Abstract: A promising solution to protect data privacy in cloud storage services is known as ciphertext-policy attribute-based encryption (CP-ABE). However, in a traditional CP-ABE scheme, a ciphertext is bound with an explicit access structure, which may leak private information about the underlying plaintext in that anyone having access to the ciphertexts can tell the attributes of the privileged recipients by looking at the access structures. A notion called CP-ABE with partially hidden access structures [14, 15, 18, 19, 24] was put forth to address this problem, in which each attribute consists of an attribute name and an attribute value and the specific attribute values of an access structure are hidden in the ciphertext. However, previous CP-ABE schemes with partially hidden access structures only support access structures in AND gates, whereas a few other schemes supporting expressive access structures are computationally inefficient since they are built from bilinear pairings over the composite-order groups. In this paper, we focus on addressing this problem, and present an expressive CP-ABE scheme with partially hidden access structures in prime-order groups.
78 citations
Performance Metrics
| Year | Papers |
|---|---|
| 2022 | 15 |
| 2021 | 22 |
| 2020 | 20 |
| 2019 | 24 |
| 2018 | 24 |
| 2017 | 30 |