Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

Proxy re-encryption algorithm description and analysis method

Abstract: The invention relates to a proxy re-encryption algorithm description and analysis method, comprising the steps of defining a proxy re-encryption algorithm description language which is used for a cryptographic algorithm design user to carry out similar mathematical language description for a mathematical algorithm; describing a designed proxy re-encryption algorithm by the user according to the algorithm description language, thereby generating a description source file; carrying out language analysis on the description source file, thereby generating algorithm description intermediate code; and selecting a code bottom layer library corresponding to a computer programming language according to a target code demand of the user, thereby generating target code. The method is applicable to cryptologist description and can be seamlessly docked with the computer programming language. For a cryptologist, through similar mathematical language description, the performance evaluation of the algorithm can be realized without paying attention to realization details of a computer. For a computer professional, the realization code of the proxy re-encryption algorithm can be obtained, and the accuracy and security of the code can be ensured.

Proxy Re-Encryption Scheme Supporting a Selection of Delegatees

Abstract: Proxy re-encryption is a cryptographic primitive proposed by Blaze, Bleumer and Strauss in 1998. It allows a user, Alice, to decide that in case of unavailability, one (or several) particular user, the delegatee, Bob, will be able to read her confidential messages. This is made possible thanks to a semi-trusted third party, the proxy, which is given by Alice a re-encryption key, computed with Alice’s secret key and Bob’s public key. This information allows the proxy to transform a ciphertext intended to Alice into a ciphertext intended to Bob. Very few constructions of proxy re-encryption scheme actually handle the concern that the original sender may not want his message to be read by Bob instead of Alice. In this article, we adapt the primitive of proxy re-encryption to allow a sender to choose who among the potential delegatees will be able to decrypt his messages, and propose a simple and efficient scheme which is secure under chosen plaintext attack under standard algorithmic assumptions in a bilinear setting. We also add to our scheme a traceability of the proxy so that Alice can detect if it has leaked some re-encryption keys.

Implementation of E-Health Cloud System Using Timing Enabled Proxy Re-encryption function (Re-dtPECK)

Abstract: E-Health record system is a major application which provides great convenience to patients and doctors in the field of health care where patient can no longer use paper prescription and keep it in record for future diagnosis. The major concern is security and sensitive personal information of patients which can be easily misused by the third-party users. Thus, we introduce novel cryptographic primitive named as conjunctive keyword search with designated tester and timing enabled proxy re-encryption function (Re-dtPECK), which is a time-dependent SE scheme. It provides partial access to operate search function to users for limited period of time. Also, the length of the time period can be controlled for the delegatee to search and decrypt delegator’s encrypted documents. The major feature is it supports the conjunctive keywords search and resist the keyword guessing attacks. By this, only the designated tester can provide exsistence to certain keywords. Therefore making Re-dtPECK is efficient scheme for standard model.

An Efficient Cryptography-Based Access Control Using Inner-Product Proxy Re-Encryption Scheme

Abstract: Inner-product encryption (IPE) is a well-known functional encryption primitive that allows decryption when the inner-product of the attribute vectors, upon which the encrypted data and the decryption key depend, is equal to zero. Using IPE, it is possible to define fine-grained access policies over encrypted data whose enforcement can be outsourced to the cloud where the data are stored. However, current IPE schemes do not support efficient access policy changes. In this paper, we propose an efficient inner-product proxy re-encryption (E-IPPRE) scheme that provides the proxy server with a transformation key, with which a ciphertext associated with an attribute vector can be transformed to a new ciphertext associated with a different attribute vector, providing a policy update mechanism with a performance suitable for many practical applications. We experimentally assess the efficiency of our protocol and show that it is selective attribute-secure against chosen-plaintext attacks in the standard model under the Asymmetric Decisional Bilinear Diffie-Hellman assumption.

Improved Proxy Re-Encryption With Delegatable Verifiability

Abstract: Proxy re-encryption cryptosystem enables proxy to re-encrypt the ciphertext and protects the privacy of the corresponding plaintext. Hence, this type of cryptosystem has found tremendous applications in data sharing in cloud computing, email forwarding, securing file systems, and so on. In practice, proxy re-encryption has to support verification of ciphertext to reduce the users’ computational burden. The ciphertext verification can be achieved through a public, private, or delegatable manner. Delegatable verification is more generic in that it can be easily converted into the other two verification methods. However, almost all existing schemes with delegatable verifiability only achieve replayable chosen ciphertext security. Hence, in this paper we propose a more secure proxy re-encryption scheme with delegatable verifiability. Specifically, we utilize a short signature scheme to prevent an attacker from forging a valid ciphertext, and prevent an attacker from forging a signature. As a result, our scheme is secure against chosen ciphertext attacks under the standard model.