Showing papers on "Proxy re-encryption" published in 2012
••
TL;DR: This work proposes a threshold proxy re-encryption scheme and integrates it with a decentralized erasure code such that a secure distributed storage system is formulated and fully integrates encrypting, encoding, and forwarding.
Abstract: A cloud storage system, consisting of a collection of storage servers, provides long-term storage services over the Internet. Storing data in a third party's cloud system causes serious concern over data confidentiality. General encryption schemes protect data confidentiality, but also limit the functionality of the storage system because a few operations are supported over encrypted data. Constructing a secure storage system that supports multiple functions is challenging when the storage system is distributed and has no central authority. We propose a threshold proxy re-encryption scheme and integrate it with a decentralized erasure code such that a secure distributed storage system is formulated. The distributed storage system not only supports secure and robust data storage and retrieval, but also lets a user forward his data in the storage servers to another user without retrieving the data back. The main technical contribution is that the proxy re-encryption scheme supports encoding operations over encrypted messages as well as forwarding operations over encoded and encrypted messages. Our method fully integrates encrypting, encoding, and forwarding. We analyze and suggest suitable parameters for the number of copies of a message dispatched to storage servers and the number of storage servers queried by a key server. These parameters allow more flexible adjustment between the number of storage servers and robustness.
213 citations
••
02 May 2012
TL;DR: This work proposes CL-PRE, a certificateless proxy re-encryption scheme for secure data sharing with public cloud, which leverages maximal cloud resources to reduce the computing and communication cost for data owner and proposes multi-proxy and randomized CL-PRE, which enhance the security and robustness of CL-PRE.
Abstract: We propose CL-PRE, a certificateless proxy re-encryption scheme for secure data sharing with public cloud, which leverages maximal cloud resources to reduce the computing and communication cost for data owner. Towards running proxy in public cloud environment, we further propose multi-proxy CL-PRE and randomized CL-PRE, which enhance the security and robustness of CL-PRE. We implement all CL-PRE schemes and evaluate their security and performance.
132 citations
••
27 Feb 2012
TL;DR: This paper presents the first generic construction of a chosen-ciphertext (CCA) secure uni-directional proxy re-encryption (PRE) scheme and establishes a totally novel methodology for designing PRE based on a specific class of threshold encryption.
Abstract: In this paper, we present the first generic construction of a chosen-ciphertext (CCA) secure uni-directional proxy re-encryption (PRE) scheme. In particular, full CCA security (i.e., not relaxed CCA security such as replayable CCA security) of our proposed scheme is proven even against powerful adversaries that are given a more advantageous attack environment than in all previous works, and furthermore, random oracles are not required. To achieve such strong security, we establish a totally novel methodology for designing PRE based on a specific class of threshold encryption. Via our generic construction, we present the first construction that is CCA secure in the standard model.
67 citations
••
TL;DR: A new primitive, constrained single-hop unidirectional proxy re-encryption supporting conjunctive keywords search (CPRE-CKS), is introduced; the definition and security model for this primitive are given, and a concrete scheme is proposed and its security is proved.
67 citations
••
TL;DR: A conversion from non-anonymous hierarchical identity-based encryption (NaHIBE) with strongly CPA security to CCA-secure and collusion-resistant MUIBPRE, which is based on the NaHIBE scheme proposed by Waters at Crypto'09, is presented.
63 citations
••
28 Nov 2012
TL;DR: A new unidirectional single-hop Identity-Based Conditional Proxy Re-Encryption (IBCPRE) scheme that not only captures the property of IBPRE, but also supports conditional re-encryption and can be proved secure against adaptive condition and adaptive identity chosen-ciphertext attacks in the standard model.
Abstract: Although a few unidirectional single-hop Identity-Based Proxy Re-Encryption (IBPRE) systems are available in the literature, none of them is CCA secure in the standard model. Besides, they can not support conditional re-encryption property, which allows a delegator to specify a condition for ciphertexts so that the proxy can re-encrypt ciphertexts only if the re-encryption key corresponding to the same condition is given. This paper, for the first time, proposes a new unidirectional single-hop Identity-Based Conditional Proxy Re-Encryption (IBCPRE) scheme that not only captures the property of IBPRE (i.e. identity-based re-encryption), but also supports conditional re-encryption. Moreover, the scheme can be proved secure against adaptive condition and adaptive identity chosen-ciphertext attacks in the standard model.
55 citations
••
TL;DR: A definition of security against chosen ciphertext attacks for C-PRES schemes with keyword anonymity, which combines C-PRE and PEKS is proposed, and a scheme that satisfies the definition is presented.
53 citations
••
31 Aug 2012
TL;DR: An efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system is proposed.
Abstract: Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme and so it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. Our framework is secure under the security definition of Secure Multi-Party Computation (SMC) and also is a generic approach - any additive homomorphic encryption and proxy re-encryption schemes can be used as the underlying sub-routines. In addition, we also modify our underlying Secure Data Sharing (SDS) framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a user and the Cloud Service Provider.
45 citations
••
TL;DR: A novel approach to an ABPRE scheme with constant pairing operation latency is provided, which replaces pairing operations with exponent operations to reduce the computational overhead.
Abstract: Attribute-based encryption (ABE) is an encryption scheme in which the user is able to decrypt a ciphertext with associated attributes. However, the scheme does not offer the capability of decryption to others when the user is offline. For this reason, the attribute-based proxy re-encryption (ABPRE) scheme was proposed, which combines traditional proxy re-encryption with ABE, so a user is able to empower designated users to decrypt the re-encrypted ciphertext with the associated attributes of designated users. However, previous ABPRE schemes demand a number of pairing operations that imply huge computational overhead. To reduce the number of pairing operations, we reduce the pairing operations with exponent operations. This paper provides a novel approach to an ABPRE scheme with constant pairing operation latency.
34 citations
••
TL;DR: This work proposes the first anonymous PRE with CCA security and collusion resistance, and is proved in the random oracle model based on the DDH assumption.
Abstract: Proxy re-encryption (PRE) is a public key encryption that allows a semi-trusted proxy with some information (a.k.a., re-encryption key) to transform a ciphertext under one public key into another ciphertext under another public key. Because of this special property, PRE has many applications, such as the distributed file system. Some of these applications demand that the underlying PRE scheme is anonymous under chosen-ciphertext attacks (CCAs); that is, the adversary cannot identify the recipient of the original/transformed ciphertext, even if it knows the PRE key and can launch the CCA. However, to the best of our knowledge, none of the existing PRE schemes satisfy this requirement. In this work, we propose the first anonymous PRE with CCA security and collusion resistance. Our proposal is proved in the random oracle model based on the DDH assumption. Copyright © 2011 John Wiley & Sons, Ltd.
34 citations
••
09 Jul 2012
TL;DR: The first AIBPRE scheme is proposed, which can be proven-secure in the random oracle model based on the decisional bilinear Diffie-Hellman assumption and modified decisional bilinear Diffie-Hellman assumption.
Abstract: ID-based proxy re-encryption (IBPRE) allows a proxy with some information (a.k.a. re-encryption key) to transform the ciphertext under one identity to another ciphertext under another identity. These two ciphertexts can yield the same plaintext, while the proxy cannot get any information of the plaintext. Due to its transformable functionality, IBPRE can be used in many applications. Some of these applications require that the underlying IBPRE scheme is CCA-secure and anonymous. However, to the best of our knowledge, none of the existing schemes satisfy the security requirement. In this paper, we first extend the concept of IBPRE to that of anonymous IBPRE (AIBPRE), including the definition and security model. After that, we propose the first AIBPRE scheme, which can be proven-secure in the random oracle model based on the decisional bilinear Diffie-Hellman assumption and modified decisional bilinear Diffie-Hellman assumption.
••
10 Sep 2012
TL;DR: A clock-based proxy re-encryption (C-PRE) scheme to achieve fine-grained access control and scalable user revocation in unreliable clouds and allows the data owner and the cloud to share a secret key in advance.
Abstract: In this paper, we propose a clock-based proxy re-encryption (C-PRE) scheme to achieve fine-grained access control and scalable user revocation in unreliable clouds. Our scheme, which is built on top of ciphertext-policy attribute-based encryption (CP-ABE) and proxy re-encryption (PRE), allows the data owner and the cloud to share a secret key in advance, with which the cloud can be delegated to re-encrypt data on behalf of the data owner. The main merit of our scheme is that the cloud can automatically re-encrypt data based on its internal clock without receiving any command.
••
TL;DR: A new primitive called hierarchical conditional proxy re-encryption (HC-PRE) is introduced that enhances the concept of C-PRE by allowing more general re-encryption key delegation patterns.
••
TL;DR: This paper proposes the first such proxy re-encryption scheme, which solves an open problem left by Ateniese et al. (2009), based on the 5-Extended Decision Bilinear Diffie-Hellman assumption and Decision Diffie-Hellman assumption.
••
12 Dec 2012
TL;DR: A concept that unites software providers' and users' demands for a secure and privacy-preserving DRM system for cloud computing is presented and the employment of proxy re-encryption allows for a prevention of profile building (under pseudonym) of users by any party.
Abstract: In a cloud-computing scenario where users buy software from software providers and execute it at computing centers, a digital rights management (DRM) system has to be in place to check the software licenses during each software execution. However, the exposure of users to privacy invasion in the presence of DRM systems is problematic.
We come up with a concept that unites software providers' and users' demands for a secure and privacy-preserving DRM system for cloud computing. The employment of proxy re-encryption allows for a prevention of profile building (under pseudonym) of users by any party.
••
28 May 2012
TL;DR: A policy-based de-duplication proxy scheme to enable different trust relations among cloud storage components, de-duplication related components and different security requirements is proposed and a key management mechanism to access and decrypt the shared de-duplicated data chunks based on Proxy Re-encryption algorithms is proposed.
Abstract: Reducing the amount of data that needs to be transferred, stored, and managed becomes crucial for cloud storage. On the other hand, as user data are stored and processed by an outsourced cloud provider, encryption becomes necessary before updating data into the cloud. However, the above two goals are greatly opposed to each other. In order to solve the above conflict, a policy-based de-duplication proxy scheme is proposed in this paper. It suggests a policy-based de-duplication proxy scheme to enable different trust relations among cloud storage components, de-duplication related components and different security requirements. It further proposes a key management mechanism to access and decrypt the shared de-duplicated data chunks based on Proxy Re-encryption algorithms. This paper finally analyses the security of the scheme.
••
TL;DR: This paper proposes an ID-based proxy cryptosystem with revocability and hierarchical confidentialities, and shows how to convert it into a system against chosen identity and ciphertext attacks by using the Fujisaki-Okamoto transformation.
Abstract: Proxy cryptosystems are classified into proxy decryption systems and proxy re-encryption systems on the basis of a proxy's role. In this paper, we propose an ID-based proxy cryptosystem with revocability and hierarchical confidentialities. In our scheme, on receiving a ciphertext, the proxy has the rights to perform the following three tasks according to the message confidentiality levels of the sender's intention: (1) to decrypt the ciphertext on behalf of the original decryptor; (2) to re-encrypt the ciphertext such that another user who is designated by the original decryptor can learn the message; (3) to do nothing except for forwarding the ciphertext to the original decryptor. Our scheme supports revocability in the sense that it allows proxy's decryption and re-encryption rights to be revoked even during the valid period of the proxy key without changing the original decryptor's public information. We prove that our proposal is indistinguishable against chosen identity and plaintext attacks in the standard model. We also show how to convert it into a system against chosen identity and ciphertext attacks by using the Fujisaki-Okamoto transformation.
••
01 Dec 2012
TL;DR: An improvement to the Libert and Vergnaud scheme is made by improving the security levels of encryption using ASCII values, and the strength of this Non-Transitive Unidirectional Proxy Re-Encryption (PRE) scheme is justified with experimental results.
Abstract: To improve the network security by a cryptographic primitive called proxy re-encryption in which a proxy can transform a ciphertext encrypted under one key without seeing the actual plaintext into an encryption of the same plaintext under another key. This cryptographic concept has recently drawn renewed interest. Some researchers also showed how to properly define chosen-ciphertext security for the primitive. This system supports bidirectional as the translation key allows converting ciphertexts in both directions. The proposed concept presents the unidirectional proxy re-encryption schemes with chosen-ciphertext security without using the random oracle idealization. In 2008, Libert and Vergnaud presented the first construction of unidirectional proxy re-encryption scheme with chosen-ciphertext security in the standard model. The limitation of their scheme is the longer length of original ciphertext and re-encrypted ciphertext. In this paper, an improvement is performed in Libert and Vergnaud scheme by improving the security levels of encryption using ASCII values. The proposed work additionally outlines Non-Transitive Unidirectional Proxy Re-Encryption (PRE) schemes. This paper justifies the strength of this PRE with experimental results.
••
19 Sep 2012
TL;DR: This work shows that the multi-use unidirectional CCA-secure identity based proxy re-encryption (IBPRE) scheme proposed by Wang et al. is not CCA-secure in the corresponding security models by giving concrete attacks.
Abstract: In proxy re-encryption (PRE), a semi-trusted proxy can convert a cipher text originally intended for Alice into one which can be decrypted by Bob, while the proxy can not know the underlying plaintext. In multi-use PRE schemes, the cipher text can be transformed from Alice to Bob and to Charlie and so on. Due to its cipher text transformation property, it is difficult to achieve chosen cipher text security for PRE, especially for multi-use PRE. IBE is a new kind of public-key encryption where the recipient's public key is an arbitrary string that represents the recipient's identity. Identity based proxy re-encryption (IBPRE) is a primitive combining the feature of IBE and PRE. Recently Wang et al. proposed a multi-use unidirectional CCA-secure identity based proxy re-encryption (IBPRE) scheme. Unfortunately, we show their proposal is not CCA-secure in the corresponding security models by giving concrete attacks.
•
10 Jul 2012
TL;DR: In this paper, a system for securely transmitting information from a plurality of data sources to a plurality of data consumers, each of the data consumers being associated with a corresponding set of one or more subscriber tags, includes a computer system configured to: receive a message from a data source, the message including encrypted data and metadata tags describing the encrypted data.
Abstract: A system for securely transmitting information from a plurality of data sources to a plurality of data consumers, each of the data consumers being associated with a corresponding set of one or more subscriber tags includes a computer system configured to: receive a message from a data source of the data sources, the message including encrypted data and one or more metadata tags describing the encrypted data; identify one or more recipient data consumers of the data consumers in accordance with whether the metadata tags and the sets of tags associated with the data consumers satisfy one or more rules; and for each identified recipient data consumer of the identified recipient data consumers: re-encrypt the encrypted data of the message using a re-encryption key corresponding to the data source and the identified data consumer to generate re-encrypted data; and transmit the re-encrypted data to the identified recipient data consumer.
••
19 Sep 2012
TL;DR: This work shows that the multi-use unidirectional CCA-secure proxy re-encryption scheme proposed in CCS'09 is not CCA-secure in the corresponding security models by giving concrete attacks.
Abstract: In proxy re-encryption (PRE), a semi-trusted proxy can convert a cipher text originally intended for Alice into one which can be decrypted by Bob, while the proxy can not know the corresponding plaintext. PRE can be classified as single-use PRE and multi-use PRE according to the times the cipher text can be transformed. In multi-use PRE schemes, the cipher text can be transformed from A to B and to C and so on. In CCS'09 (post session), Wang et al. proposed a multi-use unidirectional CCA-secure proxy re-encryption scheme. Unfortunately, we show their proposal is not CCA-secure in the corresponding security models by giving concrete attacks.
••
TL;DR: This work provides protocols that allow users to store their sensor data on third party (untrusted) cloud servers in encrypted form with access only to service providers explicitly pre-approved by the users.
••
TL;DR: An efficient C-PRE scheme which uses substantially fewer bilinear pairings than the existing one is proposed, and its chosen-ciphertext security is proved under modified Computational Diffie-Hellman (mCDH) and modified Computational Bilinear Diffie-Hellman (mCBDH) assumptions in the random oracle model.
Abstract: In a proxy re-encryption (PRE) scheme, Alice gives special information to a proxy that allows it to transform messages encrypted under Alice's public key into an encryption under Bob's public key such that the message is not revealed to the proxy. In [14], Jian Weng and others introduced the notion of conditional proxy re-encryption (C-PRE) with bilinear pairings. Later, a break for the same was published in [17] and a new C-PRE scheme with bilinear pairings was introduced. In C-PRE, the proxy also needs to have the right condition key to transform the ciphertext (associated with a condition set by Alice) under Alice's public key into ciphertext under Bob's public key, so that Bob can decrypt it. In this paper, we propose an efficient C-PRE scheme which uses substantially fewer bilinear pairings when compared to the existing one [17]. We then prove its chosen-ciphertext security under modified Computational Diffie-Hellman (mCDH) and modified Computational Bilinear Diffie-Hellman (mCBDH) assumptions in the random oracle model.
••
20 Jun 2012
TL;DR: This work proposes a hybrid encryption scheme for a typical structure of a file system by integrating a hierarchical proxy re-encryption scheme and a hierarchical key assignment scheme and shows that getting a finer access control mechanism does not cost much.
Abstract: Networked storage systems provide storage services for users over networks. Secure networked storage systems store encrypted data to guarantee data confidentiality. However, using encryption schemes somehow restricts the access control function over stored data. We address the access control function for a secure networked storage system by proposing a fine-grained access control mechanism. In our mechanism, a user cannot only read or write data but also grant the reading permissions of a single file or a whole directory of files to others with low cost. Moreover, these functions are supported in a confidential way against honest-but-curious storage servers. Our technical contribution is to propose a hybrid encryption scheme for a typical structure of a file system by integrating a hierarchical proxy re-encryption scheme and a hierarchical key assignment scheme. We measure the computation overhead for reading, writing, and granting operations by experiments. Our experimental results show that getting a finer access control mechanism does not cost much.
•
09 Aug 2012
TL;DR: In this paper, a proxy re-encryption system is proposed to provide a system such that a throwaway signature is not used and a system parameter and a ciphertext are small in size while safety is secured.
Abstract: PROBLEM TO BE SOLVED: To provide a system such that a throwaway signature is not used and a system parameter and a ciphertext are small in size while safety is secured. SOLUTION: A proxy re-encryption system includes a transmission device, N reception devices, a re-encryption device, and key generation means. The transmission device includes an encryption part, and the reception device includes a decryption part; and the key generation means includes a re-encryption key generation part, and the re-encryption device includes a re-encryption part. A secret key is sk=x, and a public key is pk=g^sk. The encryption part calculates C=pk, C=h, C=e(g,g)×M, t=H(C,C), C=(uvd), and C=s to generate a ciphertext C. The decryption part finds a plaintext M=C/(e(C,g)^(1/sk)). The re-encryption key generation part generates a re-encryption key rk=sk/sk. The re-encryption part calculates C=C^rk to obtain a ciphertext C=(C, C, C, C, C).
••
24 Dec 2012
TL;DR: Wang et al. proposed a new framework for secure sharing data on cloud-based social networks, which satisfies the security based on the combination of symmetric and asymmetric cryptosystems.
Abstract: In this paper, we propose a new framework for secure sharing data on cloud-based social networks. The framework satisfies the security based on the combination of symmetric and asymmetric cryptosystems. In addition, dynamic one-time used symmetric cryptographic keys and proxy re-encryption schemes are used in this framework to improve the security of cryptographic systems. By using this framework, the data is being shared between users in a much more secure way.
•
TL;DR: This paper proposes a new IBE: one part of the private key is y = f(msk), where msk is the master key and y is an element in Z_p.
Abstract: Identity based encryption (IBE) has received great attention since Boneh and Franklin's breakthrough work on bilinear group based IBE [4]. Till now, many IBE schemes relying on bilinear groups with different properties have been proposed [5, 25, 29, 14]. However, one part of the user's private key in all these IBE schemes is constructed as y = f(msk), where msk is the master key and y is an element in the underlying bilinear group G. In this paper, we propose a new IBE: one part of the private key is y = f(msk), where msk is the master key and y is an element in Z_p. Here p is the underlying bilinear group's prime order. By using some novel techniques, we prove this new IBE is semantic secure under the selective identity chosen plaintext attacks (IND-sID-CPA) in the standard model. Based on this IBE scheme, we construct an IND-ID-CCA secure identity based proxy re-encryption (IBPRE) scheme which is master secret secure and efficient for the proxy compared with
••
07 May 2012
TL;DR: This paper proposes the first non-transferable proxy re-encryption scheme which successfully achieves the non-transferable property and shows that the new scheme solved the PKG despotism problem and key escrow problem as well.
Abstract: A proxy re-encryption (PRE) scheme allows a proxy to re-encrypt a ciphertext for Alice (delegator) to a ciphertext for Bob (delegatee) without seeing the underlying plaintext. However, existing PRE schemes generally suffer from at least one of the following. Some schemes fail to provide the non-transferable property in which the proxy and the delegatee can collude to further delegate the decryption right to anyone. This is the main open problem left for PRE schemes. Other schemes assume the existence of a fully trusted private key generator (PKG) to generate the re-encryption key to be used by the proxy for re-encrypting a given ciphertext for a target delegatee. But this poses two problems in PRE schemes if the PKG is malicious: the PKG in their schemes may decrypt both original ciphertexts and re-encrypted ciphertexts (referred as the key escrow problem); and the PKG can generate re-encryption key for arbitrary delegatees without permission from the delegator (we refer to it as the PKG despotism problem). In this paper, we propose the first non-transferable proxy re-encryption scheme which successfully achieves the non-transferable property. We show that the new scheme solved the PKG despotism problem and key escrow problem as well.
••
TL;DR: A direct design of the bidirectional CCA-secure PRE scheme, which makes a direct use of the underlying IBE structure and does not need any auxiliary signature mechanism, which is efficient and suitable for further designing multi-user PRE schemes.
Abstract: Proxy re-encryption (PRE) allows a semi-trusted proxy to convert a ciphertext originally intended for a user into another ciphertext of the same message intended for another user, and the proxy, however, cannot learn anything about the message encrypted. In previous papers, in order to achieve the CCA2-security, a common method for constructing PRE schemes was to apply the paradigm of using strongly-unforgeable one-time signature which transforms a selective-identity, CPA-secure identity-based encryption (IBE) scheme into a CCA-secure cryptosystem. In this paper, we propose a direct design of the bidirectional CCA-secure PRE scheme, which makes a direct use of the underlying IBE structure and does not need any auxiliary signature mechanism. Our construction is efficient and suitable for further designing multi-user PRE schemes. Its security is proved on the base of the decisional bilinear Diffie-Hellman assumption in the standard model.
•
TL;DR: Wang et al. proposed a unidirectional conditional proxy re-encryption (C-PRE) scheme with non-monotonic access policy expressed by NOT, OR and AND gates.
Title: A unidirectional conditional proxy re-encryption scheme based on non-monotonic access structure. Author: Bin Wang, Information Engineering College of Yangzhou University, No.196 West HuaYang Road, Yangzhou City, Jiangsu Province, P.R.China. E-mail: jxbin76@yahoo.cn
Abstract: Recently, Fang et al. [6] introduced an interactive (bidirectional) conditional proxy re-encryption (C-PRE) scheme such that a proxy can only convert ciphertexts that satisfy access policy set by a delegator. Their scheme supports monotonic access policy expressed by "OR" and "AND" gates. In addition, their scheme is called interactive since generation of re-encryption keys requires interaction between the delegator and delegatee. In this paper, we study the problem of constructing a unidirectional (non-interactive) C-PRE scheme supporting non-monotonic access policy expressed by "NOT", "OR" and "AND" gates. A security model for unidirectional C-PRE schemes is also proposed in this paper. To yield a unidirectional C-PRE scheme supporting non-monotonic access policy, we extend the unidirectional PRE scheme presented by Libert et al. [8] by using the ideas from the non-monotonic attribute based encryption (ABE) scheme presented by Ostrovsky et al. [9]. Furthermore, the security of our C-PRE scheme is proved under the modified 3-weak Decision Bilinear Diffie-Hellman Inversion assumption in the standard model.