Amril Syalim

Realizing Proxy Re-encryption in the Symmetric World

Proxy re-encryption is a useful concept and many proxy re-encryption schemes have been proposed in the asymmetric encryption setting. In the asymmetric encryption setting, proxy re-encryption can be beautifully implemented because many operations are available to directly transform a cipher to another cipher without the proxy needs to access the plaintexts. However, in many situations, for a better performance, the data is encrypted using symmetric ciphers. Most symmetric ciphers do not support proxy cryptography because of malleability (that is needed to implement the proxy re-encryption) is not a desired property in a secure encryption scheme. In this paper, we suggest an idea to implement a pure proxy re-encryption for the symmetric ciphers by first transforming the plaintext into a random sequence of blocks using an All or nothing transform (AONT). We show an example of the proxy re-encryption scheme using a weak encryption (i.e. simple permutation) that has a simple conversion function to convert a permutation to another. The encryption scheme exploits three characteristics of an AONT transformation: (1) the output of an AONT is a pseudorandom, (2) the output of an AONT cannot be transformed back if any parts is missing, and (3) the output of an AONT cannot be transformed back without having all blocks with correct position. We show security argument of the proposed scheme and its performance evaluation.

Preserving integrity and confidentiality of a directed acyclic graph model of provenance

This paper describes how to preserve integrity and confidentiality of a directed acyclic graph (DAG) model of provenance database. We show a method to preserve integrity by using digital signature where both of the provenance owner and the process executors (i.e. contributors) sign the nodes and the relationships between nodes in the provenance graph so that attacks to integrity can be detected by checking the signatures. To preserve confidentiality of the nodes and edges in the provenance graph we propose an access control model based on paths on the provenance graph because an auditor who need to audit a result normally need to access all nodes that have causal relationship with the result (i.e. all nodes that have a path to the result). We also complement the path-based access control with a compartment-based access control where each node is classified into compartments and the auditor is not allowed to access the nodes included in a compartment that can not be accessed by him/her (because of the sensitivity of the compartment). We implement the path-based access control by encrypting the nodes and later store encrypted encryptions keys in the children of the nodes. The compartment-based access control is implemented by encrypting the nodes in different compartments with different keys.We developed a prototype of the model and performed experiments to measure the overhead of digital signature and the double encryptions.

Grouping Provenance Information to Improve Efficiency of Access Control

Provenance is defined in some literature as a complete documentation of process that led to an object. Provenance has been utilized in some contexts, i.e. database systems, file systems and grid systems. Provenance can be represented by a directed acyclic graph (DAG). In this paper we show an access control method to the provenance information that is represented by a directed acyclic graph and a method to improve efficiency of access control by grouping the provenance information. The idea of our model is that by controlling access to nodes, edges and paths in the provenance graph we may build an expressive access control model to the provenance graph. We improve the efficiency of access control model by grouping some provenance information. In our model, the provenance information is stored in a relational database. Before explaining our idea, we describe provenance store, provenance representation, and how to store provenance graph in a relational database.

How to sign multiple versions of digital documents

In some applications, it is useful to record multiple versions of digital documents, so that we can trace the history and changes applied to the documents. The creators of the documents are often required to sign the documents to protect the origin and integrity of the documents. A typical implementation of the signature method is by using a standard signature scheme (i.e. RSA) and storing the signature along with the document. The version numbers of the documents are appended to the documents before signing. The problem is, when we need to sign many versions of the documents, the signer should create the signature of each version, which is not efficient in term of the storage. In this paper, we propose a more efficient method to sign multiple version of digital document and show the security argument of the signature scheme.