
PBE Research Problem Security Design Patterns A PBE Pattern Language The End

Thinking Towards a Pattern Language for PBE Crypto-Systems


Jan de Muijnck-Hughes Ishbel Duncan

School of Computer Science, University of St Andrews, St Andrews, Fife, UK {jfdm, ishbel.duncan}@st-andrews.ac.uk

22 June 2012

SERE 2012


Classic Public Key Encryption (PKE)


Diffie and Hellman (1976):

(Enc(E), Dec(E)) ← KeyGen(k)   (1)
CT ← Encrypt(Enc(E), M)   (2)
M ← Decrypt(Dec(E), CT)   (3)

Self-Evident Truths, adapted from Boneh et al. (2010):

1. Cryptographic keys are paired
2. Encryption/Decryption is one-to-one
3. 1-2-Many Encryption is cumbersome
4. Decryption is an atomic transaction


Modern PKE

1. Cryptographic keys are not paired
   - encryption and decryption keys are not linked
2. Encryption/Decryption is not one-to-one
   - a cipher-text can be decrypted with multiple decryption keys
3. 1-2-Many Encryption is easy
4. Decryption is not an atomic transaction
   - some schemes allow for partial decryption of a cipher-text


What is PBE?

Predicate Based Encryption (PBE): a family of public key encryption algorithms where decryption is determined by the satisfaction of a predicate by a set of attributes.

- Functional operation is analogous to ABAC
- Expressive fine-grained encrypted access control
- Keys are constructed from sets of attributes and access policies
- Keys can be specified as strings
- Predicate placement gives:
  - Ciphertext-Policy (CP): Encrypt under predicates = ABAC
  - Key-Policy (KP): Encrypt under set of attributes = CBAC
- 1-2-Many Encryption = efficiency gains


General Definition for PBE

Definition (General PBE Scheme). A general PBE scheme consists of the four operations:

(MSK, MPK) ← Setup(1 )   (4)
Dec(input) ← KeyGen(MSK, input)   (5)
CT ← Encrypt(MPK, Enc(M), M)   (6)
M ← Decrypt(MPK, Dec(input), CT)   (7)

where input and Enc(M) will be either: a predicate; or a set of attributes.


Example: CP-ABE

[Figure: a cipher-text and the decryption keys held by Cobie, Ilse and Anke]

Enc(M): (gender:female height 1.75m (speaks:nl speaks:en-gb))
Cipher-text: 786b6364 2e636f6d2 f3335332f

Dec(Cobie): name:cobie, gender:female, height=1.76, speaks:nl speaks:en-gb
Dec(Ilse): name:ilse, gender:female, height=1.98, speaks:nl speaks:en-us
Dec(Anke): name:anke, gender:female, height=1.60, speaks:en-gb
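Added example (not from the slides): the access-structure check behind the CP-ABE slide, evaluated over the three attribute sets shown there. It models predicate satisfaction only, with no cryptography; the AND / OR / "at least" connectives are an assumption because the slide's operators are not legible, and `Leaf`, `Gate`, `satisfies` and `who_can_decrypt` are hypothetical names. The k-of-n threshold gate goes beyond the slide and covers AND (k = n) and OR (k = 1) as special cases.

```python
from dataclasses import dataclass
from typing import Callable

# Attribute sets of the three decryption keys, transcribed from the slide.
KEYS = {
    "Cobie": {"name": "cobie", "gender": "female", "height": 1.76,
              "speaks": {"nl", "en-gb"}},
    "Ilse": {"name": "ilse", "gender": "female", "height": 1.98,
             "speaks": {"nl", "en-us"}},
    "Anke": {"name": "anke", "gender": "female", "height": 1.60,
             "speaks": {"en-gb"}},
}

@dataclass(frozen=True)
class Leaf:
    attr: str                       # attribute the leaf inspects
    test: Callable[[object], bool]  # condition on that attribute's value

@dataclass(frozen=True)
class Gate:
    k: int            # threshold: at least k children must be satisfied
    children: tuple

def AND(*c): return Gate(len(c), c)
def OR(*c): return Gate(1, c)
def eq(attr, value): return Leaf(attr, lambda v: v == value)
def has(attr, value): return Leaf(attr, lambda v: value in v)
def at_least(attr, bound): return Leaf(attr, lambda v: v >= bound)

def satisfies(attrs, node):
    """True if the key's attribute set satisfies the policy tree."""
    if isinstance(node, Leaf):
        # Fail closed: a key that lacks the attribute never satisfies the leaf.
        return node.attr in attrs and node.test(attrs[node.attr])
    return sum(satisfies(attrs, c) for c in node.children) >= node.k

# Assumed reading of the slide's predicate (connectives are an assumption).
POLICY = AND(eq("gender", "female"), at_least("height", 1.75),
             OR(has("speaks", "nl"), has("speaks", "en-gb")))

def who_can_decrypt(policy, keys=KEYS):
    """Names of the key holders whose attributes satisfy the policy."""
    return sorted(name for name, attrs in keys.items()
                  if satisfies(attrs, policy))

if __name__ == "__main__":
    print(who_can_decrypt(POLICY))
```

In a real Ciphertext-Policy scheme this check is not a separate authorisation step: decryption itself only yields M when the key's attributes satisfy the predicate bound into the cipher-text.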


Uses of PBE

Distributed Encrypted Access Control. Using Ciphertext-Policy schemes to provide:

- PBE within a Service
- PBE as a Service
- Distributed Security

Keyword Search on Encrypted Data. Using Key-Policy schemes to provide:

- Database Access
- Database Submission


The Problem

Current Work towards PBE:

- Scheme Specification
- Bespoke Systems
- Proof of Concept

Investigate the use of PBE Crypto-Systems:

- Construction
- Organisational Measures
- Best Practises
- Deployment
- Use by non-domain experts


Concerns for Crypto-Systems

General Concerns:

- Specification
- Design
- Construction
- Implementation
- Deployment
- Use

Crypto-System Concerns:

- Access Control
- Crypto Primitives
- Representation of Keys
- Key Management
- System Administration


Research Hypothesis

By using a pattern-based approach, a separation of concerns can be provided that governs how PBE crypto-systems can be leveraged by those who lack expertise within the security, and applied cryptography domains.


Design Patterns

Definition: A three-part rule, which expresses a relation between a certain context, a certain system of forces which occurs repeatedly in that context, and a certain software configuration which allows these forces to resolve themselves (Yoshioka et al., 2008).

- Well documented solution to a recurrent problem within a particular context
- Tried and tested design decisions made by domain experts
- Cross domain knowledge transfer
- A separation of concerns between solution conception and application.


Pattern Languages

Definition: A network of tightly interwoven patterns that defines a process for resolving a set of related interdependent software development problems systematically (Buschmann et al., 2007).

- Representation of complex ideas and systems
- Single patterns solve simple problems
- Illustrated using Pattern Diagrams
- Layers of abstraction


Security Patterns

Definition: Patterns and Pattern Languages used to describe solutions to recurring security problems (Yoder and Barcalow, 1997).

Examples:

- Enterprise: Physical Access Control, Management...
- User: Password selection, Privacy...
- Cryptography: Key Management, Information Secrecy...
- Network: Firewalls, Secure Channels...
- Software: IAM, Access Control...


Proposed Pattern Language


[Figure: PBE Pattern Language, a pattern diagram with the following layers]

- Abstract Security Patterns: Direct Authentication, Brokered Authentication, Federated Identity, Async. Sec. Channel
- Deployment: PBE within a Service, PBE as a Service, Distributed Security, Database Access, Database Submission
- Types: CP PBE, KP PBE
- Components: Access Control, Group Info. Secrecy, Tokens/Credentials, Token Management, System Administration


Addressing Crypto-System Concerns

Cryptography:

- Patterns exist for Information Secrecy, Key Management
- Written for Classic Public Key Encryption (PKE)!
- Need new patterns designed for PBE

Access Control:

- Use existing patterns
  - Ciphertext-Policy = ABAC Pattern
  - Key-Policy = Capability Pattern
- Use attribute and policy patterns to represent keys.

System Administration:

- Construct guidance patterns
- Access Control and Key Generation


Other Construction Challenges

Modelling CP and KP Patterns:

- Selecting lower level patterns
- Ensuring correctness

Modelling Deployment Patterns:

- Correct modelling of deployment patterns
- Ensuring correctness

Level of Abstraction:

- How concrete should the pattern language be?
- Specify software libraries, and settings?


Pattern Language Evaluation

How to evaluate our pattern language?

- Not a well documented area!
- Need to develop an evaluation methodology...
- Qualitative or Quantitative approach?

Possible Evaluation Criteria?

- Ease of Use, i.e. can novices use the patterns
- Appropriateness for Solution
- Quality of Documentation
- Quality of Security
- Effectiveness, i.e. metrics


Conclusion

Take Home Messages

- PBE schemes are very powerful!
  - Efficient fine-grained encrypted access control.
- Patterns help address Separation of Concerns
  - Allow non-domain experts to leverage strange ideas

Summary

- Outlined a pattern-based approach to the deployment of PBE crypto-systems
- Overview of perceived challenges
  - Construction
  - Evaluation


Conclusion cont. . .

Future Work
- There is a lot!
- Investigate requirements for organisational measures for key management
- Construct the Pattern Language
- Evaluate the Pattern Language


Further Reading

Functional Encryption Schemes

- Dan Boneh et al. (2010). Functional Encryption: Definitions and Challenges. Cryptology ePrint Archive, Report 2010/543

Security Patterns

- Nobukazu Yoshioka et al. (2008). A Survey on Security Patterns. In: Progress in Informatics 5, pp. 33–47
- Michaela Bunke et al. (2011). Application-Domain Classification for Security Patterns. In: PATTERNS 2011, The Third International Conferences on Pervasive Patterns and Applications. Rome, Italy: ThinkMind, pp. 138–143. ISBN: 978-1-61208-158-8


Further Reading cont. . .

For more information:

- I maintain an extensive bibliography on cryptography, security, and other topics on-line: http://www.citeulike.org/user/jfdm
- I also keep notes on my departmental web-page: http://www.cs.st-andrews.ac.uk/~jfdm/notes.html
- You can also email me. Or speak to me offline.


Thanks for Listening
