Welcome to the resource topic for 2023/1519
Title:
Accountable Decryption made Formal and Practical
Authors: Rujia Li, Yuanzhao Li, Qin Wang, Sisi Duan, Qi Wang, Mark Ryan
Abstract:With the increasing scale and complexity of online activities, accountability, as an after-the-fact mechanism, has become an effective complementary approach to ensure system security. Decades of research have delved into the connotation of accountability. They fail, however, to achieve \textit{practical} accountability of decryption. This paper seeks to address this gap. We consider the scenario where a client (called encryptor, her) encrypts her data and then chooses a delegate (a.k.a. decryptor, him) that stores data for her. If the decryptor does not behave correctly, with non-negligible probability, his behavior will be detected, making the decryptor \textit{accountable} for decryption.
We make three contributions. First, we review key definitions of accountability known so far. Based on extensive investigations, we formalize new definitions of accountability specifically targeting the decryption process, denoted as \textit{accountable decryption}, and discuss the (in)possibilities when capturing this concept. We also define the security goals in correspondence. Secondly, we present a novel hardware-assisted solution aligning with definitions. Instead of fully trusting the TEE like previous TEE-based accountability solutions, we take a further step, making TEE work in the ``trust, but verify" model where a compromised state is detectable. Thirdly, we implement a full-fledged system and conduct evaluations. The results demonstrate that our solution is efficient. Even in a scenario involving 300,000 log entries, the decryption process concludes in approximately $5.5$ms, and malicious decryptors can be identified within $69$ms.
ePrint: https://eprint.iacr.org/2023/1519
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .