Blind attribute-based encryption and oblivious transfer with fine-grained access control

Abstract

We propose two constructions of oblivious transfer with access control (OTAC), i.e., oblivious transfer schemes in which a receiver can obtain a message only if her attributes, which are certified by a credential issuer, satisfy the access control policy of that message. The receiver remains anonymous towards the sender and the receiver’s attributes are not disclosed to the sender. Our constructions are based on any ciphertext policy attribute based encryption (CPABE) scheme that fulfills the committing and key separation properties, which we define. We also provide a committing CPABE with key separation scheme that supports any policy described by a monotone access structure, which, in comparison to previous work, allows our OTAC construction to support efficiently a wider variety of access control policies. In our constructions, a receiver obtains from the sender a CPABE secret key for her attributes by using a blind key extraction with access control protocol. We provide a blind key extraction with access control protocol for any committing CPABE with key separation scheme. Previous work only provided ad-hoc constructions of blind key extraction protocols. Our generic protocol works in a hybrid model that employs novel ideal functionalities for oblivious transfer and for anonymous attribute authentication. We propose constructions that realize those novel ideal functionalities and analyze the overall efficiency of our OTAC constructions.