An End-To-End Encrypted Cache System with Time-Dependent Access Control

TL;DR

This paper enhances the Cache-22 encrypted cache system by integrating a scalable, time-dependent access control protocol that effectively manages user access rights while maintaining communication efficiency.

Contribution

It introduces a novel time-dependent access control protocol for Cache-22, enabling scalable and efficient management of user access rights in encrypted cache systems.

Findings

The proposed protocol achieves $O( ext{log } T_{ ext{max}})$ communication cost.

Experimental results confirm effective access control and increased cache capacity.

Time-dependent access control influences network traffic and content duplication.

Abstract

Due to the increasing use of encrypted communication, such as Transport Layer Security (TLS), encrypted cache systems are a promising approach for providing communication efficiency and privacy. Cache-22 is an encrypted cache system (Emura et al. ISITA 2020) that makes it possible to significantly reduce communication between a cache server and a service provider. In the final procedure of Cache-22, the service provider sends the corresponding decryption key to the user via TLS and this procedure allows the service provider to control which users can access the contents. For example, if a user has downloaded ciphertexts of several episodes of a show, the service provider can decide to provide some of the contents (e.g., the first episode) available for free while requiring a fee for the remaining contents. However, no concrete access control method has been implemented in the original Cache-22 system. In this paper, we add a scalable access control protocol to Cache-22. Specifically, we propose a time-dependent access control that requires a communication cost of $O(\log T_{\sf max})$ where $T_{\sf max}$ is the maximum time period. Although the protocol is stateful, we can provide time-dependent access control with scalability at the expense of this key management. We present experimental results and demonstrate that the modified system is effective for controlling access rights. We also observe a relationship between cache capacity and network traffic because the number of duplicated contents is higher than that in the original Cache-22 system, due to time-dependent access control.