Description
Secure access delegation describes the problem of how a delegator can provide secure access to sensitive data
to a delegatee using an honest-but-curious proxy, that stores the encrypted information and must not be able
to read the data by itself. This thesis deals with the question to what extent post-quantum secure
Proxy Re-Encryptions (PRE) schemes can be used to solve the secure access delegation problem today.
Proxy Re-Encryption enables the proxy to re-encrypt a ciphertext via a re-encryption key to the delegatee,
such that the proxy is not able to get access to the sensitive plaintext. For this purpose, several lattice-based
Proxy Re-Encryption schemes are analyzed regarding security levels, efficiency and common Proxy Re-Encryption characteristics.
As we will see, unfortunately no scheme, that is both highly secure and efficient, exists today.
The second part of this thesis presents the architecture and implementation of a PRE REST API, written in C++, which provides
customized access to a post-quantum secure Proxy Re-Encryption scheme that is one of the few practical ones at present.
|
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching