Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Registered Attribute-Based Encryption with Publicly Verifiable Certified Deletion, Everlasting Security, and More

Shayeef Murshid, Ramprasad Sarkar, Mriganka Mandal

TL;DR

This paper presents the first RABE schemes supporting certified deletion and certified everlasting security, and extends to privately verifiable RABE with Certified Everlasting Deletion (RABE-CED) scheme, integrating quantum-secure RABE with the certified everlasting lemma.

Abstract

Certified deletion ensures that encrypted data can be irreversibly deleted, preventing future recovery even if decryption keys are later exposed. Although existing works have achieved certified deletion across various cryptographic primitives, they rely on central authorities, leading to inherent escrow vulnerabilities. This raises the question of whether certified deletion can be achieved in decentralized frameworks such as Registered Attribute-Based Encryption (RABE) that combines fine-grained access control with user-controlled key registration. This paper presents the first RABE schemes supporting certified deletion and certified everlasting security. Specifically, we obtain the following: - We first design a privately verifiable RABE with Certified Deletion (RABE-CD) scheme by combining our newly proposed shadow registered ABE (Shad-RABE) with one-time symmetric key encryption with certified deletion. - We then construct a publicly verifiable RABE-CD scheme using Shad-RABE, witness encryption, and one-shot signatures, allowing any party to validate deletion certificates without accessing secret keys. - We also extend to privately verifiable RABE with Certified Everlasting Deletion (RABE-CED) scheme, integrating quantum-secure RABE with the certified everlasting lemma. Once a certificate is produced, message privacy becomes information-theoretic even against unbounded adversaries. -We finally realize a publicly verifiable RABE-CED scheme by employing digital signatures for the BB84 states, allowing universal verification while ensuring that deletion irreversibly destroys information relevant to decryption.

Registered Attribute-Based Encryption with Publicly Verifiable Certified Deletion, Everlasting Security, and More

TL;DR

This paper presents the first RABE schemes supporting certified deletion and certified everlasting security, and extends to privately verifiable RABE with Certified Everlasting Deletion (RABE-CED) scheme, integrating quantum-secure RABE with the certified everlasting lemma.

Abstract

Certified deletion ensures that encrypted data can be irreversibly deleted, preventing future recovery even if decryption keys are later exposed. Although existing works have achieved certified deletion across various cryptographic primitives, they rely on central authorities, leading to inherent escrow vulnerabilities. This raises the question of whether certified deletion can be achieved in decentralized frameworks such as Registered Attribute-Based Encryption (RABE) that combines fine-grained access control with user-controlled key registration. This paper presents the first RABE schemes supporting certified deletion and certified everlasting security. Specifically, we obtain the following: - We first design a privately verifiable RABE with Certified Deletion (RABE-CD) scheme by combining our newly proposed shadow registered ABE (Shad-RABE) with one-time symmetric key encryption with certified deletion. - We then construct a publicly verifiable RABE-CD scheme using Shad-RABE, witness encryption, and one-shot signatures, allowing any party to validate deletion certificates without accessing secret keys. - We also extend to privately verifiable RABE with Certified Everlasting Deletion (RABE-CED) scheme, integrating quantum-secure RABE with the certified everlasting lemma. Once a certificate is produced, message privacy becomes information-theoretic even against unbounded adversaries. -We finally realize a publicly verifiable RABE-CED scheme by employing digital signatures for the BB84 states, allowing universal verification while ensuring that deletion irreversibly destroys information relevant to decryption.
Paper Structure (44 sections, 16 theorems, 49 equations, 2 figures, 1 table)

This paper contains 44 sections, 16 theorems, 49 equations, 2 figures, 1 table.

Table of Contents

  1. Introduction
  2. Our Results
  3. Related Work
  4. Technical Overview
  5. Towards Registered ABE-CD from ABE-CD
  6. Design of RABE-PriVCD under LWE Assumptions
  7. Design of RABE-PubVCD under LWE Assumptions
  8. Achieving Certified Everlasting Deletion Security
  9. Preliminaries
  10. Public Key Encryption
  11. Indistinguishability Obfuscation
  12. Digital Signatures
  13. NP Languages
  14. Zero-Knowledge Arguments
  15. Witness Encryption
  16. ...and 29 more sections

Key Result

theorem 2

There exists a one-time secret key encryption scheme with certified deletion that satisfies OT-CD security unconditionally, where the message space is $\mathcal{M} = \{0,1\}^{\ell_m}$ and the key space is $\mathcal{K} = \{0,1\}^{\ell_k}$ for some polynomials $\ell_m, \ell_k$.

Figures (2)

  • Figure 1: High-level Overview of Our Constructions
  • Figure 4: A single arrow '' represents statistical/computational indistinguishability. The double arrow '' indicates that for both $b \in \{0,1\}$, the adversary is in the same experiment. Above each arrow, we write the lemma/claim that proves indistinguishability, while below, we state the underlying security assumption.

Theorems & Definitions (32)

  • definition 1: Classical Proof and Argument Systems for NP
  • theorem 2: Unconditional Existence of OT-CD Secure SKE
  • lemma 1: Certified Everlasting Lemma bartusek2023cryptography
  • lemma 2: Publicly Verifiable Certified Everlasting Lemma kitagawa2023publicly
  • theorem 3
  • proof
  • lemma 3
  • proof
  • proof
  • lemma 4
  • ...and 22 more