Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

FABRIC: Fast and Secure Unbounded Cross-System Encrypted Data Sharing in Cloud Computing

Abstract: Existing proxy re-encryption (PRE) schemes to secure cloud data sharing raise challenges such as supporting the heterogeneous system efficiently and achieving the unbounded feature. To address this problem, we proposed a fast and secure unbounded cross-domain proxy re-encryption scheme, named FABRIC, which enables the delegator to authorize the semi-trusted cloud server to convert one ciphertext of an identity-based encryption (IBE) scheme to another ciphertext of an attribute-based encryption (ABE) scheme. As the first scheme to achieve the feature mentioned above, FABRIC not only enjoys constant computation overhead in the encryption, decryption, and re-encryption phases when the quantity of attributes increases, but is also unbounded such that the new attributes or roles could be adopted into the system anytime. Furthermore, FABRIC achieves adaptive security under the decisional linear assumption (DLIN). Eventually, detailed theoretical and experimental analysis proved that FABRIC enjoys excellent performance in efficiency and practicality in the cloud computing scenario.

Lattice-based ABE-IBE Proxy Re-Encryption for IoT Systems

Abstract: <div>The recent expansion of the Internet of things (IoT) and its applications continues to dramatically change the IT services supporting manufacturing, energy management, intelligent transportation, smart cities, etc. These IT services often interconnect Internet-based Cloud systems with IoT or intelligent smart devices held by organisations. As IoT devices are resource-limited, the security of their communication is provided by lightweight cryptography that could consequently lead to the devices being insecure against a quantum adversary. On the other hand, Internet Cloud systems are resource-rich and could easily support post-quantum cryptography. This paper presents a proxy re-encryption scheme that translates ciphertexts of a classical lightweight encryption algorithm into their post quantum equivalent and vice versa. More precisely, we propose a lattice-based ABE-IBE (L ABE-IBE) proxy re-encryption scheme that transforms a classical lightweight ciphertext into a lattice based ciphertext. We compare our proposed L ABE-IBE proxy re-encryption scheme with classical proxy re-encryption (ABEIBE) schemes. We discuss the security and efficiency of our construction.</div>

Public Trace-and-Revoke Proxy Re-encryption

Abstract: <p>Proxy re-encryption (PRE), as a promising cryptographic primitive for secure data sharing in cloud, has been widely studied for decades. PRE allows the proxies to use the re-encryption keys to convert ciphertexts computed under the delegator’s public key into ones that can be decrypted using the delegatees’ secret keys, without knowing anything about the underlying plaintext. This delegable property of decryption rights gives rise to an important issue: if some proxies reveal their re-encryption keys, or collude with some delegatees to create a pirate decoder, then anyone who gains access to the pirate decoder can decrypt all ciphertexts computed under the delegator’s public key without the delegator’s permission. Several works have provided potential solutions to this issue by designing tracing mechanisms on PRE, where proxies that reveal their re-encryption keys can be identifified by the delegator. However, these solutions perform poorly in terms of the sizes of the public, the secret and the re-encryption keys, and support neither multi-hop nor public traceability. </p> <p>This paper advances the research of tracing mechanisms on PRE and proposes the fifirst public trace-and-revoke PRE system, where the malicious delegatees involved in the generation of a pirate decoder can be identifified by anyone who gains access to the pirate decoder, and their decryption capabilities can subsequently be revoked by the content distributor. Our construction is multi-hop, supports user revocation and public (black-box) traceability, and achieves signifificant effificiency advantages over previous constructions. Our construction is a generic transformation from inner-product functional PRE (IPFPRE) that we introduce to trace-and-revoke PRE. In addition, we instantiate our generic construction of trace-and-revoke PRE from the Learning with Errors (LWE) assumption, which was widely believed to be quantum-resistant. This is achieved by proposing the fifirst LWE-based IPFPRE scheme, which may be of independent interest.</p>

ECT-ABE Algorithm-Based Secure Preserving Framework for Medical Big Data

Abstract: Cyber risks and data breaches have expanded considerably across a wide range of business areas. Due to digitalization and the Internet of Things (IoT), the medical community generates a massive amount of heterogeneous clinical records on a daily basis. This unprocessed heterogynous medical data contains a wealth of clinical information that is vital for the medical field's advancement. However, patient privacy concerns arise when storing and analysing this medical big data on a private cloud. In this present study, the Optimized Ciphertext Attribute-Based Encryption (ECT-ABE) algorithm is introduced to enhance the safety of healthcare cloud storage. Additionally, the suggested system design incorporates a separate proxy server to isolate communication between clients and the cloud server, hence limiting direct attacks on cloud servers and lowering computational pressure on cloud servers. In comparison to earlier methods, the proposed cryptosystem is faster to execute and produces a lighter ciphertext. Additionally, both re-encryption and pre-decryption require only a single arithmetic operation.