Résumé: Recent advances in cryptographic approaches, such as Functional Encryption and Attribute-based Encryption and their variants, have shown significant promise for enabling public clouds to provide secure computation and storage services for users' sensitive data. A crucial component of these approaches is a third-party authority (TPA) that must be trusted to set up public parameters, provide private key service, and so on. Components of deployed cryptographic mechanisms such as the certificate authorities (CAs), which are the TPAs of the underlying PKI for the SSL/TLS protocol, have faced several types of attacks (e.g., stealthy targeted and censorship attacks), and certificate mis-issuance problems. Such practical challenges indicate that the successful deployment of newer emerging cryptographic schemes will also significantly depend on the trustworthiness of the TPAs. Furthermore, recently proposed decentralized TPA approaches that lower the threshold on the conditions required for an entity to become an authority can make the trust issue much worse. To address this issue, we propose an authority transparency framework to ensure the trustworthiness of TPAs of recent and emerging advanced cryptographic schemes. The framework includes a formal model and a secure logging-based approach to implement the framework. Further, to address the issues related to privacy, we also present a privacy-preserving authority transparency approach. We present security analysis and performance evaluation to show that authority transparency achieves the security and performance goals.

Langue: Anglais