Description
This thesis explores a distributed privacy-preserving access control system that manages the decryption keys of encrypted documents. Zero-knowledge proofs are used to prove access authorization, while secret sharing provides resilience against active adversaries who corrupt parts of the system. The proposed design consists of n server nodes that secret-share keys and a smart contract executed on a public ledger. The document owner encodes the desired access policy as a proof statement and hands the document's decryption key over to the access control system. To gain access to a document, a user creates a proof satisfying the access policy. On receiving this proof, the server nodes individually query the smart contract, which verifies the proof. If a sufficient number of server nodes observe a successful verification, they run a threshold proxy re-encryption protocol that delivers the document decryption key to the user. Throughout the transaction the user's interactions are unlinkable and reveal only a minimal amount of information, namely the access decision. The system tolerates c actively corrupted server nodes among n as long as 2c < n. We introduce a method for replay protection of zkSNARK proofs that uses the public ledger, on which an unmodifiable, append-only access history is constructed as well. We further give a proxy re-encryption protocol for ElGamal ciphertexts that uses a Sigma-protocol proof to tolerate active adversaries. The necessary commitments are computed from artefacts of the distributed key generation and therefore integrate into the system without overhead. The thesis provides a detailed analysis of the system's security goals and presents a prototype implementation on the Ethereum blockchain.
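The verifiable threshold step sketched above, reduced to its core, as an added Python illustration that is not the thesis's code: each node publishes its ElGamal partial decryption together with a Chaum-Pedersen Sigma-protocol proof checked against the public verification key left behind by key generation, and the combiner discards shares whose proofs fail before interpolating. It shows threshold decryption with verified shares rather than the full re-encryption to the user's key, and it assumes a trusted dealer in place of the DKG, a toy group (P, Q, G), n=5 nodes with c=2 corruptions, and a constructed document key.

```python
import hashlib, math, secrets

# Toy group: P = 2Q+1 is a safe prime, G generates the order-Q subgroup (illustration only; deployments use large groups or curves).
P, Q, G = 1019, 509, 4

def hash_challenge(*vals):
    # Fiat-Shamir challenge over all proof inputs, forced nonzero in Z_Q (a zero challenge makes the proof vacuous in this tiny group)
    return 1 + int.from_bytes(hashlib.sha256(",".join(map(str, vals)).encode()).digest(), "big") % (Q - 1)

def keygen_shares(n, t):
    # Trusted-dealer stand-in for the DKG: Shamir-share secret key s so that any t nodes can reconstruct
    coeffs = [secrets.randbelow(Q) for _ in range(t)]
    shares = {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q for i in range(1, n + 1)}
    vks = {i: pow(G, s, P) for i, s in shares.items()}  # public DKG artefacts, reused as commitments
    return pow(G, coeffs[0], P), shares, vks

def partial_decrypt(i, share, c1):
    # Node i returns d = c1^share with a Chaum-Pedersen proof that log_G(vk_i) == log_c1(d)
    d, w = pow(c1, share, P), secrets.randbelow(Q)
    a1, a2 = pow(G, w, P), pow(c1, w, P)
    e = hash_challenge(i, c1, d, a1, a2)
    return d, (a1, a2, (w + e * share) % Q)

def verify_partial(i, vk, c1, d, proof):
    a1, a2, z = proof
    e = hash_challenge(i, c1, d, a1, a2)
    return pow(G, z, P) == a1 * pow(vk, e, P) % P and pow(c1, z, P) == a2 * pow(d, e, P) % P

def combine(c2, parts):
    # Lagrange-interpolate verified shares in the exponent to get c1^s, then unblind c2
    x = 1
    for i, d in parts.items():
        lam = math.prod(j * pow((j - i) % Q, -1, Q) for j in parts if j != i) % Q
        x = x * pow(d, lam, P) % P
    return c2 * pow(x, -1, P) % P

def run_demo(n=5, t=3, corrupt=2):
    # 2c < n: with n=5 and c=2 corrupted nodes, the t=c+1=3 honest shares still suffice
    pk, shares, vks = keygen_shares(n, t)
    doc_key = pow(G, 77, P)  # the document decryption key, encoded as a subgroup element (constructed value)
    r = secrets.randbelow(Q)
    c1, c2 = pow(G, r, P), doc_key * pow(pk, r, P) % P  # ElGamal ciphertext handed to the nodes
    responses = {i: partial_decrypt(i, shares[i], c1) for i in shares}
    for i in range(1, corrupt + 1):  # active adversaries substitute a wrong share, keeping the proof
        responses[i] = (responses[i][0] * G % P, responses[i][1])
    good = {i: d for i, (d, pr) in responses.items() if verify_partial(i, vks[i], c1, d, pr)}
    if len(good) < t:
        return None, len(good)  # too few verified shares: refuse rather than output garbage
    return combine(c2, dict(list(good.items())[:t])), len(good)
```

With three corrupted nodes the honest set falls below the threshold and `run_demo` returns `None`, which is the intended failure mode rather than a wrong key.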