Abstract

In an oblivious transfer with access control (AC-OT) scheme, the database provider (DBP) can define different access control policies for each data record, and users can hide their choices from the DBP when accessing data. An accountable AC-OT (AAC-OT) scheme is an enhanced version of AC-OT that allows the DBP to revoke the access rights of malicious users. However, existing AAC-OT schemes have defects in their security model definition, malicious user revocation mechanism, and user-side performance. The authors therefore proposed an improved AAC-OT scheme that applies to the public cloud environment. Its security model takes the definitions of access authorization and revocation into account. By modifying the user tracing mechanism, the DBP can independently revoke the access rights of fraudulent users. In addition, optimizing the generation of the underlying zero-knowledge proofs keeps the number of bilinear pairing operations performed by users in the transfer phase constant.
