





























Zongbin Wang, Beijing Infosec Technologies Co., Ltd.
The whitelist is a foundational and widely deployed access control mechanism. In its prevalent implementation, the verifying entity typically requires access to the plaintext authorization policy to perform enforcement. This creates a concentrated security risk: the verifier becomes a high-value target, and its compromise could lead to the full exposure of the sensitive whitelist—a single point of failure for policy confidentiality. This work formalizes and addresses this risk by introducing a new paradigm of Privacy-Enhanced Whitelists. Our framework cryptographically decouples policy enforcement from policy exposure. A trusted issuer encodes the whitelist, enabling the verifier to validate memberships using only cryptographically blinded commitments, without ever needing the plaintext list. We provide a formal security model that rigorously defines and achieves security even against an adversary who compromises the verifier’s state. The system is realized via an efficient construction based on polynomial commitments in elliptic curve groups and supports dynamic policy updates. By shifting the trust assumption from the verifier’s infrastructure to cryptographic verification, our work establishes a practical foundation for scenarios where the whitelist itself must remain a protected secret.
BibTeX
@misc{cryptoeprint:2026/045,
author = {Yu Zhang and Zongbin Wang},
title = {Formalizing Privacy-Enhanced Whitelists: A Secure Framework with Hidden Policies},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/045},
year = {2026},
url = {https://eprint.iacr.org/2026/045}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。