Unlinkable Updatable Databases and Oblivious Transfer with Access Control

Abstract

An oblivious transfer with access control protocol (OTAC) allows us to protect privacy of accesses to a database while enforcing access control policies. Existing OTAC have several shortcomings. First, their design is not modular. Typically, to create an OTAC, an adaptive oblivious transfer protocol (OT) is extended ad-hoc. Consequently, the security of the OT is reanalyzed when proving security of the OTAC, and it is not possible to instantiate the OTAC with any secure OT. Second, existing OTAC do not allow for policy updates. Finally, in practical applications, many messages share the same policy. However, existing OTAC cannot take advantage of that to improve storage efficiency. We propose an UC-secure OTAC that addresses the aforementioned shortcomings. Our OTAC uses as building blocks the ideal functionalities for OT, for zero-knowledge (ZK) and for an unlinkable updatable database ((Formula Presented)), which we define and construct. (Formula Presented) is a protocol between an updater (Formula Presented) and multiple readers (Formula Presented). sets up a database and updates it. (Formula Presented) can read the database by computing UC ZK proofs of an entry in the database, without disclosing what entry is read. In our OTAC, (Formula Presented) is used to store and read the policies. We construct an UUD based on subvector commitments (SVC). We extend the definition of SVC with update algorithms for commitments and openings, and we provide an UC ZK proof of a subvector. Our efficiency analysis shows that our UUD is practical.