Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

Decentralized Attribute-Based Access Control with Attribute Revocation and Outsourced Decryption

Abstract: Decentralized ciphertext-policy attribute-based encryption (CP-ABE) is considered a promising cryptographic primitive to enable fine-grained access control over encrypted data. The revocation is a necessary mechanism in real-world access control systems. However, existing revocation mechanisms in CP-ABE either are triggered periodically and cannot revoke users in a timely manner, or require a trusted third-party proxy to assist in revocation. In this work, we present a decentralized CP-ABE scheme that supports periodic attribute-level revocation as well as immediate attribute-level revocation, simultaneously. It means that once an attribute key of a user naturally expires or is identified as leaked, that attribute will be revoked and then become unavailable instantly, remaining the users' other attributes still active. Moreover, we provide optional outsourced decryption capabilities. Resource-constrained users can choose to outsource partial decryption to any third-party proxy without disclosing the underlying plaintext. The performance analysis demonstrates that our proposal is better in functionality compared with existing schemes. Our scheme is proven secure against chosen-plaintext attacks in the random oracle model.

Lattice-based ABE-IBE Proxy Re-Encryption for IoT Systems

Abstract: <div>The recent expansion of the Internet of things (IoT) and its applications continues to dramatically change the IT services supporting manufacturing, energy management, intelligent transportation, smart cities, etc. These IT services often interconnect Internet-based Cloud systems with IoT or intelligent smart devices held by organisations. As IoT devices are resource-limited, the security of their communication is provided by lightweight cryptography that could consequently lead to the devices being insecure against a quantum adversary. On the other hand, Internet Cloud systems are resource-rich and could easily support post-quantum cryptography. This paper presents a proxy re-encryption scheme that translates ciphertexts of a classical lightweight encryption algorithm into their post quantum equivalent and vice versa. More precisely, we propose a lattice-based ABE-IBE (L ABE-IBE) proxy re-encryption scheme that transforms a classical lightweight ciphertext into a lattice based ciphertext. We compare our proposed L ABE-IBE proxy re-encryption scheme with classical proxy re-encryption (ABEIBE) schemes. We discuss the security and efficiency of our construction.</div>

Keyword Guessing Attacks on Some Proxy Re-Encryption with Keyword Search Schemes

Abstract: Public key encryption with keyword search (PEKS) is a practical cryptographic paradigm that enables one to search for the encrypted data without compromising the security of the original data. It provides a promising solution to the encrypted data retrieval issue in public key cryptosystems. As a combination of PEKS and proxy re-encryption (PRE), proxy re-encryption with keyword search (PRES) allows a semi-trusted proxy to simultaneously re-encrypt and search a delegator’s encrypted data. So far, several PRES schemes have been proposed in the literature. However, most of these schemes did not consider the keyword guessing attack. In this paper, we analyze the security of some PRES schemes and demonstrate that they are vulnerable to the keyword guessing attack. The presented attacks show that a malicious proxy can reveal the keyword encoded in any keyword trapdoor generated by these PRES schemes.

Blockchain data sharing method based on searchable proxy re-encryption

Abstract: The invention discloses a blockchain data sharing method based on searchable proxy re-encryption. The data is encrypted by a public key; agent re-encryption processing is used, the data is stored intoan external database; keywords of data is extracted, the keywords are encrypted by searchable symmetric encryption to form a keyword index I -Enc(MK, pp, wi), the index and a proxy re-encryption keyis attached to the tail of a transaction, broadcasting of the index and the proxy re-encryption key is realized to a blockchain network, transaction information is verified by a miner node, and the transaction information is added into a blockchain after the transaction information is errorless, via keyworks, , an own search token TK -TokenGen (MK, pp, wi) is generated through data user by the parameters; the Token is sent to a block chain network, the miner node carries out matching calculation on e (Ii, 1, TK1) ge (Ii, 2, TK2) = e (g, TK3) through the computer token and the keyword index, and after matching succeeds, the data storage position and the proxy re-encryption key are sent to a data user. A data user requests a ciphertext from an external database, converts the ciphertext intodata encrypted by a private key of the data user by using the proxy re-encryption key, and finally decrypts the data by using the private key of the data user.

Research on Non-interactive Construction based on Fuzzy Conditional Proxy Re-encryption

Abstract: In a conditional proxy re-encryption (C-PRE) scheme, a semi-trusted proxy can transform Alice’s ciphertext into Bob’s ciphertext without learning the underlying plaintext, if the ciphertext satisfies a certain condition. To achieve more fine-grained delegation on conditions, Fang, Wang and Ge introduced the notion of fuzzy conditional proxy re-encryption (FC-PRE), whereby the conditions is viewed a set of descriptive