Collaborative Research Centre 901 On-The-Fly Computing
Link to the official web page of CRC 901 On-The-Fly Computing
The objective of CRC 901 – On-The-Fly Computing (OTF Computing) – is to develop techniques and processes for automatic on-the-fly configuration and provision of individual IT services out of base services. The base serves are available on world-wide markets. In addition to the configuration by special OTF service providers and the provision by what are called OTF Compute Centers, this involves developing methods for quality assurance and the protection of participating clients and providers, methods for the target-oriented further development of markets, and methods to support the interaction of the participants in dynamically changing markets.
Cryptographic solutions in On-The-Fly Computing system
Successful marketing and acceptance of On-The-Fly Computing systems require dealing with their security. The highly dynamic and heterogeneous nature of the visioned system as well as data protection and further legal requirements pose a challenge for modern cryptography and require novel cryptographic solutions.
During the course of the project we intend to design solutions for confidential and authenticated communication in dynamic groups based on identity-based cryptography. This requires key revocation and reduction of power of authority for identity-based schemes. Efficient allocation of services and data access control in On-The-Fly Computing systems also require novel cryptographic schemes, which we intend to realize based on the attribute-based encryption schemes.
Another important market mechanism in On-The-Fly Computing Systems is an anonymous reputation system which enables clients to rate products and services and gives incentives to providers to improve their services. Hence, in this part of the project we develop new models of security and schemes to build a highly flexible and secure reputation system.
Work area: Access Control systems
One of our current goals is to develop secure, efficient and flexible access control systems for On-The-Fly Computing Data Centers and On-The-Fly service providers. A promising approach is to use attribute-based encryption schemes. These novel schemes use techniques from pairing-based cryptography and are related to identity-based cryptography too.
In the ciphertext-policy attribute-based encryption schemes, the owner of data defines an access policy for each data and encrypts it once using this policy. The policies for different data are Boolean formulas over predefined attributes. In order to provide access to the encrypted data, the owner of data gets each customer with a special decryption key. Every key is related to a set of attributes. A customer will be able to decrypt a ciphertext if and only if the attributes of his/her key satisfy the policy of the ciphertext.
The attribute-based approach simplifies the realization of data access control systems, which then can be even stored on an untrusted server. The data access control is completely realized by the encryption and all the data must be encrypted only once for all the customers.
In this area, our research focus is on the development of efficient and flexible attribute-based encryption schemes. The policies of the existing schemes are restricted to several classes of functions and are quite inefficient. On the one hand, we are interested in the development of schemes which can be applied to general function classes. On the other hand, we are looking for more efficient methods when realizing restricted function classes. Other modifications of the schemes will be also necessary when considering further questions arising from privacy protection and further legal requirements.
Work area: reputation systems
A second goal is to develop anonymous reputation systems. To provide trustworthy, reliable, and honest ratings there is a need for anonymous reputation systems that also guarantee that customers rate products only once. To further increase trust in the system, everyone – even outsiders – should be able to verify the validity of ratings. Some of these properties have been studied in the context of group signatures. However, the concept of group signatures does not meet all the requirements for reputation systems. In particular, reputation systems do not consist of a single group of users. Rather one can think of reputation systems as a family of group signature schemes – one for each product. Moreover, we may have providers with several products. Hence, when looking at security and anonymity group signature schemes for different products can not be considered in isolation. Finally, known constructions of group signatures do not provide all properties that we need for a secure and anonymous reputation system and do not provide them simultaneously.
The research focus in the area of reputation systems is the development of new security models and efficient, flexible and secure schemes which meet all our requirements. Here we mainly consider group signatures, but also attribute-based signatures and anonymous credential systems will be taken into account.
Publications
2023
A Generic Construction of an Anonymous Reputation System and Instantiations from Lattices
J. Blömer, J. Bobolz, L.A. Porzenheim, in: 2023.
Designing Business Reputation Ecosystems — A Method for Issuing and Trading Monetary Ratings on a Blockchain
S. Hemmrich, J. Bobolz, D. Beverungen, J. Blömer, in: ECIS 2023 Research Papers, 2023.
On the impossibility of surviving (iterated) deletion of weakly dominated strategies in rational MPC
J. Blömer, J. Bobolz, H. Bröcher, in: 2023.
Practical Cryptograhic Techniques for Secure and Privacy-Preserving Customer Loyalty Systems
J. Blömer, J. Bobolz, F. Eidens, T. Jager, P. Kramer, in: C.-J. Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, H. Wehrheim (Eds.), On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, Heinz Nixdorf Institut, Universität Paderborn, Paderborn, 2023, pp. 237–246.
Robustness and Security
J. Blömer, F. Eidens, T. Jager, D. Niehues, C. Scheideler, in: C.-J. Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, H. Wehrheim (Eds.), On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, Heinz Nixdorf Institut, Universität Paderborn, Paderborn, 2023, pp. 145–164.
2022
Privacy-Preserving Cryptography: Attribute-Based Signatures and Updatable Credentials
F. Eidens, Privacy-Preserving Cryptography: Attribute-Based Signatures and Updatable Credentials, 2022.
2021
Cryptimeleon: A Library for Fast Prototyping of Privacy-Preserving Cryptographic Schemes
J. Bobolz, F. Eidens, R. Heitjohann, J. Fell, (2021).
Issuer-Hiding Attribute-Based Credentials
J. Bobolz, F. Eidens, S. Krenn, S. Ramacher, K. Samelin, in: Cryptology and Network Security, Springer International Publishing, Cham, 2021.
2020
Privacy-Preserving Incentive Systems with Highly Efficient Point-Collection
J. Bobolz, F. Eidens, S. Krenn, D. Slamanig, C. Striecks, in: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS ’20), ACM, New York, NY, USA, 2020.
2019
Updatable Anonymous Credentials and Applications to Incentive Systems
J. Blömer, J. Bobolz, D.P. Diemert, F. Eidens, in: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS ’19, 2019.
2018
Cloud Architectures for Searchable Encryption
J. Blömer, N. Löken, in: Proceedings of the 13th International Conference on Availability, Reliability and Security, ARES 2018, ACM, New York, NY, USA, n.d., pp. 25:1--25:10.
Delegatable Attribute-based Anonymous Credentials from Dynamically Malleable Signatures
J. Blömer, J. Bobolz, in: ACNS 2018 Applied Cryptography & Network Security, n.d.
Enhanced Security of Attribute-Based Signatures
J. Blömer, F. Eidens, J. Juhnke, in: The International Conference on Cryptology And Network Security (CANS), Springer, 2018, pp. 235–255.
Fully-Featured Anonymous Credentials with Reputation System
K. Bemmann, J. Blömer, J. Bobolz, H. Bröcher, D.P. Diemert, F. Eidens, L. Eilers, J.F. Haltermann, J. Juhnke, B. Otour, L.A. Porzenheim, S. Pukrop, E. Schilling, M. Schlichtig, M. Stienemeier, in: Proceedings of the 13th International Conference on Availability, Reliability and Security - ARES ’18, ACM, New York, NY, USA, n.d.
Models and Constructions for Secure Reputation Systems
J. Juhnke, Models and Constructions for Secure Reputation Systems, Universität Paderborn, 2018.
Practical, Anonymous, and Publicly Linkable Universally-Composable Reputation Systems
J. Blömer, F. Eidens, J. Juhnke, in: Topics in Cryptology - {CT-RSA} 2018 - The Cryptographers’ Track at the {RSA} Conference 2018, Proceedings, Springer International Publishing, Cham, 2018, pp. 470–490.
Provably Anonymous Communication Based on Trusted Execution Environments
J. Blömer, J. Bobolz, C. Scheideler, A. Setzer, Provably Anonymous Communication Based on Trusted Execution Environments, n.d.
Voronoi Cells of Lattices with Respect to Arbitrary Norms
J. Blömer, K. Kohn, SIAM Journal on Applied Algebra and Geometry. 2 (2018) 314–338.
2017
Attribute-Based Encryption as a Service for Access Control in Large-Scale Organizations
J. Blömer, P. Günther, V. Krummel, N. Löken, in: Foundations and Practice of Security, Springer International Publishing, Cham, 2017, pp. 3–17.
CCA-Security for Predicate Encryption Schemes
G. Liske, CCA-Security for Predicate Encryption Schemes, Universität Paderborn, 2017.
Subtleties in Security Definitions for Predicate Encryption with Public Index
J. Blömer, G. Liske, in: Proceedings of the International Conference of Mathematical Aspects of Computer and Information Sciences (MACIS), Springer International Publishing, Cham, 2017, pp. 438–453.
2016
Construction of Fully CCA-Secure Predicate Encryptions from Pair Encoding Schemes
J. Blömer, G. Liske, in: Proceedings of the CT-RSA 2016, 2016, pp. 431–447.
Physical attacks on pairing-based cryptography
P. Günther, Physical Attacks on Pairing-Based Cryptography, Universität Paderborn, 2016.
2015
A Group Signature Scheme with Distributed Group Management - An Application of Threshold Encryption
N. Löken, A Group Signature Scheme with Distributed Group Management - An Application of Threshold Encryption, Universität Paderborn, 2015.
Anonymous and Publicly Linkable Reputation Systems
J. Blömer, J. Juhnke, C. Kolb, in: Proceedings of the 18th International Conference on Financial Cryptography and Data Security (FC), 2015, pp. 478--488.
Anonymous credential system based on q-Strong Diffie-Hellman Assumption
F. Eidens, Anonymous Credential System Based on Q-Strong Diffie-Hellman Assumption, Universität Paderborn, 2015.
Constructions of Fully Secure Predicate Encryption Schemes
P. Schleiter, Constructions of Fully Secure Predicate Encryption Schemes, Universität Paderborn, 2015.
Efficient Verifier-Local Revocation for Anonymous Credentials
J. Bobolz, Efficient Verifier-Local Revocation for Anonymous Credentials, Universität Paderborn, 2015.
Implementierung eines hybriden Verschlüsselungsverfahrens nach Cramer und Shoup
B. Kalde, Implementierung eines hybriden Verschlüsselungsverfahrens nach Cramer und Shoup, Universität Paderborn, 2015.
Number of Voronoi-relevant vectors in lattices with respect to arbitrary norms
K. Kohn, Number of Voronoi-Relevant Vectors in Lattices with Respect to Arbitrary Norms, Universität Paderborn, 2015.
Short Group Signatures with Distributed Traceability
J. Blömer, J. Juhnke, N. Löken, in: Proceedings of the Sixth International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS), 2015, pp. 166–180.
Voronoi Cells of Lattices with Respect to Arbitrary Norms
J. Blömer, K. Kohn, Voronoi Cells of Lattices with Respect to Arbitrary Norms, Universität Paderborn, 2015.
2014
A Practical Second-Order Fault Attack against a Real-World Pairing Implementation
J. Blömer, R. Gomes da Silva, P. Günther, J. Krämer, J.-P. Seifert, in: Proceedings of Fault Tolerance and Diagnosis in Cryptography(FDTC), 2014, pp. 123--136.
Constructing CCA-secure predicate encapsulation schemes from CPA-secure schemes and universal one-way hash functions
J. Blömer, G. Liske, (2014).
Fujisaki-Okamoto Transformation
J. Lippert, Fujisaki-Okamoto Transformation, Universität Paderborn, 2014.
Hiding software components using functional encryption
J. Jochheim, Hiding Software Components Using Functional Encryption, Universität Paderborn, 2014.
RSA-Full Domain Hash Revisited
T. Rath, RSA-Full Domain Hash Revisited, Universität Paderborn, 2014.
Tampering attacks in pairing-based cryptography
J. Blömer, P. Günther, G. Liske, in: Proceedings of Fault Tolerance and Diagnosis in Cryptography(FDTC), 2014, pp. 1--7.
2013
Attributbasierte Verschlüsselung mittels Gittermethoden - Mathematische Grundlagen, Verfahren und Sicherheitsbeweise
K. Kohn, Attributbasierte Verschlüsselung mittels Gittermethoden - Mathematische Grundlagen, Verfahren und Sicherheitsbeweise, Universität Paderborn, 2013.
Direct Chosen-Ciphertext Secure Attribute-Based Key Encapsulations without Random Oracles
J. Blömer, G. Liske, (2013).
Securing Critical Unattended Systems with Identity Based Cryptography - A Case Study
J. Blömer, P. Günther, V. Krummel, in: Proceedings of the 5th International Conference on Mathematical Aspects of Computer and Information Sciences (MACIS), 2013, pp. 98–105.
Security Proofs for Pairing-Based Cryptography in the Generic Group Model
J. Bobolz, Security Proofs for Pairing-Based Cryptography in the Generic Group Model, Universität Paderborn, 2013.
Seitenkanalresistenz paarungsbasierter Kryptographie
O. Otte, Seitenkanalresistenz paarungsbasierter Kryptographie, Universität Paderborn, 2013.
Verteilte Erstellung und Aktualisierung von Schlüsselservern in identitätsbasierten Verschlüsselungssystemen
A. Tezer, Verteilte Erstellung und Aktualisierung von Schlüsselservern in identitätsbasierten Verschlüsselungssystemen, Universität Paderborn, 2013.
2012
Attribute-basierte Verschlüsselung
P. Schleiter, Attribute-basierte Verschlüsselung, Universität Paderborn, 2012.
Identitätsbasierte Kryptographie - Implementierung von Paarungen für Körper der Charakteristik 2
T. Haarhoff, Identitätsbasierte Kryptographie - Implementierung von Paarungen für Körper der Charakteristik 2, Universität Paderborn, 2012.
Identitätsbasierte Signaturen - Ein Sicherheitsbeweis für Signaturen auf Grundlage von Gap-Diffie-Hellman-Gruppen mit Hilfe des Forking-Lemmas
N. Löken, Identitätsbasierte Signaturen - Ein Sicherheitsbeweis für Signaturen auf Grundlage von Gap-Diffie-Hellman-Gruppen mit Hilfe des Forking-Lemmas, Universität Paderborn, 2012.
2011
Fault attacks in pairing-based cryptography
G. Liske, Fault Attacks in Pairing-Based Cryptography, Universität Paderborn, 2011.
Show all publications