  • Publication
    cipherPath: Efficient traversals over homomorphically encrypted paths
    (2020)
    Bramm, G.; Schütte, J.
    We propose cipherPath, a novel graph encryption scheme that enables exact shortest distance queries on encrypted graphs. Shortest distance queries are very useful in a vast number of applications, including medical, social or geospatial. Our approach using somewhat homomorphic encryption in combination with structured encryption enables exact shortest distance queries on outsourced and encrypted graph data. Our approach upholds provable security against a semi-honest provider. We demonstrate our framework by means of two different shortest path algorithms on encrypted graphs: Dijkstra and Floyd. Finally, we evaluate the leakage profile of cipherPath.
  • Publication
    reclaimID: Secure, Self-Sovereign Identities Using Name Systems and Attribute-Based Encryption
    (2018)
    Schanzenbach, M.; Bramm, G.; Schütte, J.
    In this paper we present reclaimID: An architecture that allows users to reclaim their digital identities by securely sharing identity attributes without the need for a centralised service provider. We propose a design where user attributes are stored in and shared over a name system under user-owned namespaces. Attributes are encrypted using attribute-based encryption (ABE), allowing the user to selectively authorize and revoke access of requesting parties to subsets of his attributes. We present an implementation based on the decentralised GNU Name System (GNS) in combination with ciphertext-policy ABE using type-1 pairings. To show the practicality of our implementation, we carried out experimental evaluations of selected implementation aspects including attribute resolution performance. Finally, we show that our design can be used as a standard OpenID Connect Identity Provider allowing our implementation to be integrated into standard-compliant services.
  • Publication
    BDABE - Blockchain-based Distributed Attribute based Encryption
    (2018)
    Bramm, G.; Gall, M.; Schütte, J.
    Attribute Based Encryption (ABE) denotes asymmetric cryptographic schemes where key pairs are created for attribute owners and often applied to realize a fine-grained, cryptographic access control mechanism for outsourced data. Despite the benefits of ABE systems, there are still drawbacks when ABE systems are transformed into real world applications. Mainly, ABE systems suffer from non-efficiency or non-existence of revocation mechanisms and user key coordination problems. By introducing a consensus driven approach, we try to mitigate these issues in distributed systems. In this paper, we propose a collaborative attribute management protocol for Ciphertext-policy attribute-based encryption (CP-ABE) schemes based on our own scheme called a Blockchain-based Distributed Attribute Based Encryption (BDABE) scheme. Our construction realizes distributed issue, storage and revocation of private attribute keys by adding a consensus driven infrastructure, a blockchain. We enhance both security and efficiency of key management in distributed CP-ABE systems for the application of cloud data sharing.