Due to the increasing use of encrypted communication, such as Transport Layer Security (TLS), encrypted cache systems are a promising approach for providing communication efficiency and privacy. Cache-22 is an encrypted cache system (Emura et al., ISITA 2020) that makes it possible to significantly reduce communication between a cache server and a service provider. In the final procedure of Cache-22, the service provider sends the corresponding decryption key to the user via TLS, and this procedure allows the service provider to control which users can access the contents. For example, if a user has downloaded ciphertexts of several episodes of a show, the service provider can decide to make some of the contents (e.g., the first episode) available for free while requiring a fee for the remaining contents. However, no concrete access control method has been implemented in the original Cache-22 system. In this paper, we add a scalable access control protocol to Cache-22. Specifically, we propose a time-dependent access control that requires a communication cost of $O(\log T_{\sf max})$, where $T_{\sf max}$ is the maximum time period. Although the protocol is stateful, we can provide time-dependent access control with scalability at the expense of this key management. We present experimental results and demonstrate that the modified system is effective for controlling access rights. We also observe a relationship between cache capacity and network traffic because the number of duplicated contents is higher than that in the original Cache-22 system, due to time-dependent access control.
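An added illustration, not the paper's protocol: the abstract states the $O(\log T_{\sf max})$ cost but not the construction, so this example assumes one standard way to reach such a bound, a binary key-derivation tree over time periods. HMAC-SHA256 as the one-way step, 0-indexed periods with $T_{\sf max} = 2^{\text{depth}}$, and all function names are assumptions.

```python
import hashlib
import hmac

# Assumed construction (not taken from the paper): each tree node's key is
# derived one-way from its parent, and leaf t holds the key for time period t.

def child(key: bytes, bit: int) -> bytes:
    """Derive the left (0) or right (1) child key; parents cannot be recovered."""
    return hmac.new(key, bytes([bit]), hashlib.sha256).digest()

def cover(lo: int, hi: int, depth: int):
    """Smallest set of nodes (level, index) whose leaves are exactly lo..hi."""
    nodes = []
    def walk(level, index):
        span = 1 << (depth - level)
        first, last = index * span, (index + 1) * span - 1
        if hi < first or last < lo:
            return                      # subtree lies outside the interval
        if lo <= first and last <= hi:
            nodes.append((level, index))  # whole subtree granted with one key
            return
        walk(level + 1, 2 * index)
        walk(level + 1, 2 * index + 1)
    walk(0, 0)
    return nodes

def node_key(root: bytes, level: int, index: int) -> bytes:
    """Provider side: walk from the root key down to node (level, index)."""
    key = root
    for shift in range(level - 1, -1, -1):
        key = child(key, (index >> shift) & 1)
    return key

def grant(root: bytes, lo: int, hi: int, depth: int) -> dict:
    """Keys sent to the user for periods lo..hi: at most 2*depth of them."""
    return {(l, i): node_key(root, l, i) for l, i in cover(lo, hi, depth)}

def period_key(granted: dict, t: int, depth: int):
    """User side: derive the key for period t, or None if t was not granted."""
    for (level, index), key in granted.items():
        if t >> (depth - level) == index:
            for shift in range(depth - level - 1, -1, -1):
                key = child(key, (t >> shift) & 1)
            return key
    return None
```

With depth 10 (1024 periods), a grant for periods 3..900 consists of a handful of node keys rather than 898 leaf keys, and periods outside the interval stay underivable because derivation only runs downward.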