Paper Co-Authored in 2005 Introduced Groundbreaking Concept of Attribute-Based Encryption
PALO ALTO, Calif.–(BUSINESS WIRE)–#BayArea—NTT Research, Inc., a division of NTT (TYO:9432), today announced that a paper co-authored in 2005 by Dr. Brent Waters, a distinguished scientist in its Cryptography and Information Security (CIS) Lab, has won an International Association for Cryptologic Research (IACR) Test-of-Time Award. Dr. Waters and Dr. Amit Sahai, a professor of computer science at the UCLA Samueli School of Engineering, delivered their paper, “Fuzzy Identity-Based Encryption,” at the 2005 Eurocrypt conference. The paper introduced attribute-based encryption, in which policy rather than individuals determines who can encrypt.
The IACR gives Test-of-Time Awards annually to papers that were delivered 15 years prior at each of the three IACR General Conferences (Eurocrypt, Crypto and Asiacrypt) and that have had a lasting influence on the field. A five-member IACR committee selects the winners based on its consensus view of a paper’s impact, while taking account of available external metrics. The paper “Fuzzy Identity-Based Encryption,” one of 33 included in the proceedings of Eurocrypt 2005, for instance, has a very high Google Scholar citation number when compared to all cryptography papers published in 2005 and is widely regarded as changing the way that academic experts and the broader community think about encryption.
“Any paper accepted to one of our events has passed a high hurdle to begin with,” said Michel Abdalla, president of the IACR, Centre National de la Recherche Scientifique (CNRS) senior researcher and Ecole Normale Supérieure (ENS) adjunct professor. “By extending our Test-of-Time awards last year to the Eurocrypt, Crypto and Asiacrypt conferences, we have been able to further recognize computer scientists, such as the authors of this year’s winning papers, for truly ground-breaking contributions to the field of cryptography.”
In Identity-Based Encryption (IBE), which was initially proposed in the mid-1980s, a sender encrypts a message to an identity without access to a public key certificate. What Sahai and Waters proposed in their 2005 Eurocrypt paper was a new type of IBE in which identities were viewed as a set of descriptive attributes. They called this type of IBE “fuzzy” because the system allowed for a certain amount of error-tolerance in the identities. In Fuzzy IBE, policy checking happens “inside the crypto,” as attributes of the secret key are mathematically incorporated within the key itself. In other words, nobody explicitly evaluates the policies and makes an access decision. Rather, if the policy is satisfied, decryption will simply work; otherwise, it won’t. The authors proved the security of their schemes under the Selective-ID security model.
One application that Sahai and Waters said would follow is attribute-based encryption, in which a party could, for instance, encrypt a document to all users that have a certain set of attributes. In the traditional model, encryption was targeted to a specific party and offered all-or-nothing access. Attribute-based encryption, on the other hand, was a less inert and more flexible approach. It would allow someone to store a document on a simple, untrusted server, rather than needing to rely on a trusted server to perform authentication checks. This new way of thinking opened additional possibilities.
“After Amit and I introduced the concept of attribute-based encryption, which was about rethinking encryption as more than targeting just a specific user, a few years later we started pushing the concept even further toward a notion now called functional encryption,” said Waters, who is also a professor of computer science at the University of Texas at Austin. “It was initially a challenge to convince people that rethinking encryption was a central and fundamental problem. However, it is satisfying to see that every year now these areas are a major focal point of cryptographic research.”
Professor Sahai, who is also director of the Center for Encrypted Functionalities at UCLA, served as Waters’ Ph.D. advisor at Princeton University. NTT Research recently announced a collaboration with Georgetown and UCLA on cryptography and blockchain research, awarding a grant to Dr. Sahai to support his work on the leading edge of cryptography, the field of secure communications.
“This paper marked the beginning of a long and fruitful journey into understanding how we can process data while it is still in encrypted form, in a way that eventually yields an output that is not encrypted, but which doesn’t reveal all the data originally encrypted,” said Professor Sahai. “In the end, this line of work led us to the even grander goal of hiding secrets within software. This problem, called secure software obfuscation, remains a central research focus for both Brent and me. We look forward to many more years of collaboration and friendship.”
In addition to the paper by Sahai and Waters, the IACR gave Test-of-Time Awards this year to two other papers: “Finding collisions in the full SHA-1” (Crypto 2005), by Xiaoyun Wang, Yiqun Lisa Yin and Hongbo Yu, for a breakthrough in the cryptanalysis of hash functions; and “Discrete-Log-Based Signatures May Not Be Equivalent to Discrete Log” (Asiacrypt 2005), by Pascal Paillier and Damien Vergnaud, for developing a new meta-reduction approach in the security proof of cryptosystems.
About NTT Research
NTT Research opened its Palo Alto offices in July 2019 as a new Silicon Valley startup to conduct basic research and advance technologies that promote positive change for humankind. Currently, three labs are housed at NTT Research: the Physics and Informatics (PHI) Lab, the Cryptography and Information Security (CIS) Lab, and the Medical and Health Informatics (MEI) Lab. The organization aims to upgrade reality in three areas: 1) quantum information, neuro-science and photonics; 2) cryptographic and information security; and 3) medical and health informatics. NTT Research is part of NTT, a global technology and business solutions provider with an annual R&D budget of $3.6 billion.
NTT and the NTT logo are registered trademarks or trademarks of NIPPON TELEGRAPH AND TELEPHONE CORPORATION and/or its affiliates. All other referenced product names are trademarks of their respective owners. © 2020 NIPPON TELEGRAPH AND TELEPHONE CORPORATION