CryptoDB
Privacy-Preserving Blueprints
Authors: |
|
---|---|
Download: |
|
Presentation: | Slides |
Conference: | EUROCRYPT 2023 |
Abstract: | In a world where everyone uses anonymous credentials for all access control needs, it is impossible to trace wrongdoers, by design. This makes legitimate controls, such as tracing illicit trade and terror suspects, impossible to carry out. Here, we propose a privacy-preserving blueprint capability that allows an auditor to publish an encoding pk_A of the function f(x, . ) for a publicly known function f and a secret input x. For example, x may be a secret watchlist, and f(x,y) may return y if y in x. On input her data y and the auditor's pk_A, a user can compute an escrow Z such that anyone can verify that Z was computed correctly from the user's credential attributes, and moreover, the auditor can recover f(x,y) from Z. Our contributions are: -- We define secure f-blueprint systems; our definition is designed to provide a modular extension to anonymous credential systems. -- We show that secure f-blueprint systems can be constructed for all functions $f$ from fully homomorphic encryption and NIZK proof systems. This result is of theoretical interest but is not efficient enough for practical use. -- We realize an optimal blueprint system under the DDH assumption in the random-oracle model for the watchlist function. |
BibTeX
@inproceedings{eurocrypt-2023-32985, title={Privacy-Preserving Blueprints}, publisher={Springer-Verlag}, doi={10.1007/978-3-031-30617-4_20}, author={Markulf Kohlweiss and Anna Lysyanskaya and An Nguyen}, year=2023 }