research-article

Public Access

ReTRACe: Revocable and Traceable Blockchain Rewrites using Attribute-based Cryptosystems

Authors:

Roopa Vishwanathan,

Satyajayant MisraAuthors Info & Claims

SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies

Pages 103 - 114

https://doi.org/10.1145/3450569.3463565

Published: 11 June 2021 Publication History

Abstract

In this paper, we study efficient and authorized rewriting of transactions already written to a blockchain. Mutable transactions will make a fraction of all blockchain transactions, but will be a necessity to meet the needs of privacy regulations, such as the General Data Protection Regulation (GDPR). The state-of-the-art rewriting approaches have several shortcomings, such as being coarse-grained, inability to expunge data, absence of revocation mechanisms, lack of user anonymity, and inefficiency. We present ReTRACe, an efficient framework for transaction-level blockchain rewrites, that is fine-grained and supports revocation. ReTRACe is designed by composing a novel revocable chameleon hash with ephemeral trapdoor scheme, a novel revocable fast attribute based encryption scheme, and a dynamic group signature scheme. We discuss ReTRACe, and its constituent primitives in detail, along with their security analyses, and present experimental results to demonstrate scalability.

References

[1]

Shashank Agrawal and Melissa Chase. 2017. FAME: Fast Attribute-based Message Encryption. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS. 665--682.

Digital Library

[2]

Giuseppe Ateniese, Bernardo Magri, Daniele Venturi, and Ewerton Andrade. 2017. Redactable blockchain--or--rewriting history in bitcoin and friends. In 2017 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 111--126.

[3]

Nuttapong Attrapadung and Hideki Imai. 2009. Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes. In 12th IMA International Conference, Cryptography and Coding, Proceedings. 278--300.

[4]

Mihir Bellare, Daniele Micciancio, and Bogdan Warinschi. 2003. Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions. In Advances in Cryptology - EUROCRYPT, Proceedings. 614--629.

[5]

Mihir Bellare, Haixia Shi, and Chong Zhang. 2005. Foundations of Group Signatures: The Case of Dynamic Groups. In Topics in Cryptology - CT-RSA, Proceedings. 136--153.

[6]

Iddo Bentov, Yan Ji, Fan Zhang, Lorenz Breidenbach, Philip Daian, and Ari Juels. 2019. Tesseract: Real-Time Cryptocurrency Exchange Using Trusted Hardware. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS. 1521--1538.

Digital Library

[7]

John Bethencourt, Amit Sahai, and Brent Waters. 2007. Ciphertext-Policy Attribute-Based Encryption. In 2007 IEEE Symposium on Security and Privacy (S&P 2007). 321--334.

[8]

Alexandra Boldyreva, Vipul Goyal, and Virendra Kumar. 2008. Identity-based encryption with efficient revocation. In Proceedings of the 2008 ACM CCS. 417--426.

Digital Library

[9]

Jonathan Bootle, Andrea Cerulli, Pyrros Chaidos, Essam Ghadafi, and Jens Groth. 2016. Foundations of Fully Dynamic Group Signatures. IACR Cryptol. ePrint Arch., Vol. 2016 (2016), 368. http://eprint.iacr.org/2016/368

[10]

Jan Camenisch, David Derler, Stephan Krenn, Henrich C. Pö hls, Kai Samelin, and Daniel Slamanig. 2017. Chameleon-Hashes with Ephemeral Trapdoors - And Applications to Invisible Sanitizable Signatures. In Public-Key Cryptography - PKC, Proceedings, Part II. 152--182.

[11]

Melissa Chase. 2007. Multi-authority Attribute Based Encryption. In Theory of Cryptography, 4th Theory of Cryptography Conference, TCC, Proceedings, Salil P. Vadhan (Ed.). 515--534.

[12]

Sherman S. M. Chow. 2016. A Framework of Multi-Authority Attribute-Based Encryption with Outsourcing and Revocation. In Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, SACMAT. 215--226.

Digital Library

[13]

Hui Cui, Robert H. Deng, Yingjiu Li, and Baodong Qin. 2016. Server-Aided Revocable Attribute-Based Encryption. In Computer Security - ESORICS, Proceedings, Part II. 570--587.

[14]

Pratish Datta, Ratna Dutta, and Sourav Mukhopadhyay. 2015. Fully Secure Unbounded Revocable Attribute-Based Encryption in Prime Order Bilinear Groups via Subset Difference Method. IACR Cryptology ePrint Archive (2015). http://eprint.iacr.org/2015/293

[15]

David Derler, Kai Samelin, Daniel Slamanig, and Christoph Striecks. 2019. Fine-Grained and Controlled Rewriting in Blockchains: Chameleon-Hashing Gone Attribute-Based. In 26th Annual Network and Distributed System Security Symposium, NDSS.

[16]

Dominic Deuber, Bernardo Magri, and Sri Aravinda Krishnan Thyagarajan. 2019. Redactable Blockchain in the Permissionless Setting. In 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19--23, 2019. 124--138.

[17]

DHS. 2018. Department of Homeland Security: Blockchain and Suitability for Government Applciations. https://www.dhs.gov/sites/default/files/publications/2018_AEP_Blockchain_and_Suitability_for_Government_Applications.pdf.

[18]

Eiichiro Fujisaki and Tatsuaki Okamoto. 1999. Secure Integration of Asymmetric and Symmetric Encryption Schemes. In Advances in Cryptology - CRYPTO, Proceedings. 537--554.

[19]

California Gov. 2018. California Consumer Privacy Act. https://oag.ca.gov/privacy/ccpa.

[20]

Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. 2006. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM CCS. 89--98.

Digital Library

[21]

Business Insider. 2020. The growing list of applications and use cases of blockchain technology in business and life. https://www.businessinsider.com/blockchain-technology-applications-use-cases.

[22]

JHUISI. 2012. Charm: A tool for rapid cryptographic prototyping. http://charm-crypto.io.

[23]

Hugo Krawczyk and Tal Rabin. 2000. Chameleon Signatures. In Proceedings of the Network and Distributed System Security Symposium, NDSS.

[24]

Allison B. Lewko, Tatsuaki Okamoto, Amit Sahai, Katsuyuki Takashima, and Brent Waters. 2010. Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. In Advances in Cryptology - EUROCRYPT, Proceedings. 62--91.

[25]

Beno^i t Libert, Thomas Peters, and Moti Yung. 2012. Scalable Group Signatures with Revocation. In Advances in Cryptology - EUROCRYPT, Proceedings. 609--627.

[26]

Gaurav Panwar, Roopa Vishwanathan, and Satyajayant Misra. 2021. ReTRACe: Revocable and Traceable Blockchain Rewrites using Attribute-based Cryptosystems. Cryptology ePrint Archive, Report 2021/568. https://eprint.iacr.org/2021/568.

[27]

Matthew Pirretti, Patrick Traynor, Patrick D. McDaniel, and Brent Waters. 2006. Secure attribute-based systems. In Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS. 99--112.

Digital Library

[28]

Reuters. 2018. Banks complete 25 million euros securities transaction on blockchain platform. https://uk.reuters.com/article/uk-blockchain-securities/banks-complete-25-million-euros-securities-transaction-on-blockchain-platform-idUKKCN1GD4DW.

[29]

Amit Sahai, Hakan Seyalioglu, and Brent Waters. 2012. Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption. In Advances in Cryptology - CRYPTO. Proceedings. 199--217.

[30]

Sri Aravinda Krishnan Thyagarajan, Adithya Bhat, Bernardo Magri, Daniel Tschudi, and Aniket Kate. 2020. Reparo: Publicly Verifiable Layer to Repair Blockchains. CoRR, Vol. abs/2001.00486 (2020). http://arxiv.org/abs/2001.00486

[31]

Junichi Tomida, Yuto Kawahara, and Ryo Nishimaki. 2020. Fast, compact, and expressive attribute-based encryption. In IACR International Conference on Public-Key Cryptography. Springer, 3--33.

Digital Library

[32]

Brent Waters. 2011. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In Public Key Cryptography - PKC, Proceedings. 53--70.

[33]

Business Wire. 2016. Accenture Editable Blockchain. https://www.businesswire.com/news/home/20160920005551/en/Accenture-Debuts-Prototype-of-%E2%80%98Editable%E2%80%99-Blockchain-for-Enterprise-and-Permissioned-Systems.

[34]

Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou. 2010. Attribute based data sharing with attribute revocation. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS. 261--270.

Digital Library

Cited By

Xu SNing JLi XYuan JHuang XDeng R(2024)A Privacy-Preserving and Redactable Healthcare Blockchain SystemIEEE Transactions on Services Computing10.1109/TSC.2024.335659517:2(364-377)Online publication date: Mar-2024
https://doi.org/10.1109/TSC.2024.3356595
Zhang YMa ZLuo SDuan P(2024)Dynamic Trust-Based Redactable Blockchain Supporting Update and TraceabilityIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.332637919(821-834)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2023.3326379
Hu SLi MWeng JLiu JWeng JLi Z(2024)IvyRedaction: Enabling Atomic, Consistent and Accountable Cross-Chain RewritingIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333967521:4(3883-3900)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3339675
Show More Cited By

Index Terms

ReTRACe: Revocable and Traceable Blockchain Rewrites using Attribute-based Cryptosystems
1. Security and privacy

Recommendations

Practical Direct Chosen Ciphertext Secure Key-Policy Attribute-Based Encryption with Public Ciphertext Test
Computer Security - ESORICS 2014
Abstract
We propose a direct Key-Policy Attribute-Based Encryption (KP-ABE) scheme with semantic security against adaptively chosen ciphertext attacks (CCA2) in the standard model. Compared with its counterpart with security against chosen-plaintext ...
Traceable-then-revocable ciphertext-policy attribute-based encryption scheme
Abstract
A traceable ciphertext-policy attribute-based encryption (T-CPABE) scheme can trace a malicious user, who may leak her/his decryption privilege to a third party for some benefits. However, even if the malicious user is traced, the ...
Highlights
- We propose a ciphertext-policy attribute-based encryption with white-box traceability and direct user revocation.
Directly revocable key-policy attribute-based encryption with verifiable ciphertext delegation

Attribute-based encryption (ABE) enables an access control mechanism by specifying access control policies among decryption keys and ciphertexts. In this paper, we propose a novel ABE variant, dubbed directly revocable key-policyABEwith verifiable ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies

June 2021

194 pages

ISBN:9781450383653

DOI:10.1145/3450569

General Chair:
Jorge Lobo
ICREA & Universitat Pompeu Fabra, Spain
,
Program Chairs:
Roberto Di Pietro
Hamad Bin Khalifa University
,
Omar Chowdhury
The University of Iowa

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

SACMAT '21

Sponsor:

SIGSAC

SACMAT '21: The 26th ACM Symposium on Access Control Models and Technologies

June 16 - 18, 2021

Virtual Event, Spain

Acceptance Rates

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
708
Total Downloads

Downloads (Last 12 months)256
Downloads (Last 6 weeks)39

Reflects downloads up to 16 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Xu SNing JLi XYuan JHuang XDeng R(2024)A Privacy-Preserving and Redactable Healthcare Blockchain SystemIEEE Transactions on Services Computing10.1109/TSC.2024.335659517:2(364-377)Online publication date: Mar-2024
https://doi.org/10.1109/TSC.2024.3356595
Zhang YMa ZLuo SDuan P(2024)Dynamic Trust-Based Redactable Blockchain Supporting Update and TraceabilityIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.332637919(821-834)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2023.3326379
Hu SLi MWeng JLiu JWeng JLi Z(2024)IvyRedaction: Enabling Atomic, Consistent and Accountable Cross-Chain RewritingIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.333967521:4(3883-3900)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3339675
Guo HChen LRen XZhao MLi CXue JZhu LZhang C(2024)Privacy-Preserving and Revocable Redactable Blockchains With Expressive Policies in IoTIEEE Internet of Things Journal10.1109/JIOT.2024.343572911:21(35390-35404)Online publication date: 1-Nov-2024
https://doi.org/10.1109/JIOT.2024.3435729
Zhang LLi XWu QRezaeibagha F(2024)Blockchain-Aided Anonymous Traceable and Revocable Access Control Scheme With Dynamic Policy Updating for the Cloud IoTIEEE Internet of Things Journal10.1109/JIOT.2023.328719011:1(526-542)Online publication date: 1-Jan-2024
https://doi.org/10.1109/JIOT.2023.3287190
Hu JHuang KBian GCui Y(2024)Redact4Trace: A solution for auditing the data and tracing the users in the redactable blockchainComputer Networks10.1016/j.comnet.2024.110360245(110360)Online publication date: May-2024
https://doi.org/10.1016/j.comnet.2024.110360
Abd Ali SYusoff MTeh JHasan H(2024)OREVI_PCH: An optimized resource-efficient redaction mechanism with integrity validation in policy-based chameleon hash for IoT applicationsPeer-to-Peer Networking and Applications10.1007/s12083-024-01884-818:1Online publication date: 19-Dec-2024
https://doi.org/10.1007/s12083-024-01884-8
Guo LMa XYau W(2024)Online/Offline and Fine-Grained Controllable Editing with Accountability and Revocability in BlockchainsBlockchain Technology and Application10.1007/978-981-97-3203-6_7(125-153)Online publication date: 23-Jun-2024
https://doi.org/10.1007/978-981-97-3203-6_7
Guo HTao XZhao MWu TZhang CXue JZhu L(2023)Decentralized Policy-Hidden Fine-Grained Redaction in Blockchain-Based IoT SystemsSensors10.3390/s2316710523:16(7105)Online publication date: 11-Aug-2023
https://doi.org/10.3390/s23167105
Abd Ali SYusoff MHasan H(2023)Redactable Blockchain: Comprehensive Review, Mechanisms, Challenges, Open Issues and Future Research DirectionsFuture Internet10.3390/fi1501003515:1(35)Online publication date: 12-Jan-2023
https://doi.org/10.3390/fi15010035
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten