Data Set Used
Logcrypt provides strong cryptographic assurances that data stored by a logging facility before a system compromise cannot be modified after the compromise without detection. We build on prior work by showing how log creation can be separated from log verification , and describing several additional performance and convenience features not previously… (More)
Hidden Credentials are useful in situations where requests for service, credentials, access policies and resources are extremely sensitive. We show how transactions which depend on fulfillment of policies described by monotonic boolean formulae can take place in a single round of messages. We further show how credentials that are never revealed can be used… (More)
We describe a credential system similar to the electronic cash system described by Chaum, Fiat and Naor. Our system uses bit commitments to create selective disclosure credentials which limit what portions of a credential the holder must reveal. We show how credentials from separate issuers can be linked to the same person in order to prevent users from… (More)
Hidden credentials are useful in protecting sensitive resource requests, resources, policies, and credentials. We propose a significant performance improvement when implementing hidden credentials using Boneh/Franklin Identity Based Encryption. We also propose a substantially improved secret splitting scheme for enforcing complex policies, and show how it… (More)
The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resources. The set of resources is usually static, and an access control policy associated with each resource specifies who is authorized to access the resource. In this article, we turn… (More)
Nym is an extremely simple way to allow pseudonymous access to Internet services via anonymizing networks like Tor, without losing the ability to limit vandalism using popular techniques such as blocking owners of offending IP or email addresses. Nym uses a very straightforward application of blind signatures to create a pseudonymity system with extremely… (More)
We define key privacy for IBE systems in terms of two properties, indistinguishability under chosen identity attack, and indistinguishability under chosen key generator attack. Further, we show that the BasicIdent system in the Boneh/Franklin IBE has these properties under chosen plaintext attack.
We compare the abstract specifications of four similar systems with similar capabilities, and give transformations which allow any implementation of a particular system to transform into certain other systems. This clarifies the relationships between the systems, which have often been casually grouped together in the literature.