Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

Outsourcing the Computation of Plaintext Encryption for Homomorphic Encryption

Abstract: Homomorphic encryption is a promising technology for private enhanced computing. It provides a data-centric privacy-preserving method that allows computing on encrypted data by a third proxy. However, lightweight terminals lack sufficient computing resources to perform a large amount of encryption operations in stream data applications, e.g., smart devices in blockchain network, sensors and cameras in urban intelligent transport. This paper presents a blinded encryption paradigm that outsources most computations to a third proxy, e.g., cloud computing and edge computing. It helps to eliminate the encryption overhead for lightweight terminals while preserving data privacy. The proposed paradigm is composed of plaintext blinding, blinded encryption, ciphertext recovery and one round of communication. Lightweight terminals only execute efficient plaintext blinding and ciphertext recovery to guarantee data privacy. The expensive computing for plaintext encryption is delegated to a third proxy through blinded encryption. In addition, the key analysis to achieve time consuming improvement is to overlap the communication latency with computation time. Furthermore, the security analysis demonstrates the outsourced encryption is secure under the assumption of secure blinding and recovery algorithms. Finally, the experiment shows our method outperforms the original version by 2x improvement from the prospective of resource consumption.

Identity-Based Proxy Re-Encryption Scheme Using Fog Computing and Anonymous Key Generation

Abstract: In the fog computing architecture, a fog is a node closer to clients and responsible for responding to users’ requests as well as forwarding messages to clouds. In some medical applications such as the remote healthcare, a sensor of patients will first send encrypted data of sensed information to a nearby fog such that the fog acting as a re-encryption proxy could generate a re-encrypted ciphertext designated for requested data users in the cloud. Specifically, a data user can request access to cloud ciphertexts by sending a query to the fog node that will forward this query to the corresponding data owner who preserves the right to grant or deny the permission to access his/her data. When the access request is granted, the fog node will obtain a unique re-encryption key for carrying out the re-encryption process. Although some previous concepts have been proposed to fulfill these application requirements, they either have known security flaws or incur higher computational complexity. In this work, we present an identity-based proxy re-encryption scheme on the basis of the fog computing architecture. Our identity-based mechanism uses public channels for key distribution and avoids the troublesome problem of key escrow. We also formally prove that the proposed protocol is secure in the IND-PrID-CPA notion. Furthermore, we show that our work exhibits better performance in terms of computational complexity.

Enhancing Distributed Accountability by Using Proxy Re-encryption Scheme

Abstract: In cloud computing environment resources are shared among various clients and it's important for system provider to allocate the necessary resources for the clients. And IT infrastructure proceeds as the amount increases to grow, cloud computing is a new way of virtualization technologies that enable management of virtual machines over a plethora of physically connected systems (13)Cloud computing provides on demand services. Multiple users need to try and do business of their information exploitation cloud however they get worry to losing their information. Whereas data owner can store his/her information on cloud, he should get confirmation that his/her information is safe on cloud. To unravel higher than downside during this paper this offers effective mechanism to trace usage of information exploitation accountability. Accountability is verification of security policies and it's necessary for clear information access. In this paper shows automatic work mechanisms exploitation JAR programming that improves security and privacy of information in cloud. We provide an effective mechanism known as proxy re-encryption scheme to supports encoding operations over encrypted messages as well as forwarding operations over encoded and encrypted messages. Our method fully integrates encrypting, encoding, and forwarding. Exploitation this mechanism data owner might apprehend his/her information is handled as per his demand or service level agreement.

DMU-ABSE: Dynamic Multi-user Attribute-Based Searchable Encryption with File Deletion and User Revocation

Abstract: Searchable encryption (SE) is a new cryptographic technique that allows data users searching for the files of their interests over huge amounts of encrypted files on the cloud. When it comes to multi-user setting, more issues should be addressed comparing to single-user setting, including key distribution, search privilege control and access control. In this paper, we propose DMU-ABSE, a dynamic multi-user ciphertext-policy attribute-based searchable encryption scheme with file deletion and user revocation. We manipulate an attribute-based encryption to achieve fine-grained search privilege control and hidden policy in multi-user setting while searching time of the proposed scheme is constant (O(1)). With the help of proxy re-encryption, we build one searchable index matrix by different owners in order to improve the searching efficiency. Furthermore, our scheme implements access control by embedding decryption keys into the index matrix. The proposed scheme is proved IND-CKA and IND-CPA semantically secure and experimental results shows that our scheme is efficient.

PRE-DAC: proxy re-encryption based dynamic access control for secure cloud data

Abstract: With the rapid development of technologies such as cloud computing and Internet of Things, the amount of data outsourced to all kinds of remote cloud storage providers is growing. Out of security concerns, it is necessary for data owners to encrypt sensitive data before uploading it to the cloud, which makes it difficult to enforce access control of the outsourced data. Specifically, the time cost for user revocation is considerably high because of the large number of encryptions required for updating ciphertext in the cloud. In this paper, we utilize Proxy Re-Encryption (PRE) to propose PRE-DAC (PRE based Dynamic Access Control), an access control scheme for encrypted cloud data, where the efficiency of user revocation is significantly improved. Simulation results using real-world datasets show that the number of asymmetric encryptions for each revocation is prominently less than that of the existing schemes.