Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

Secure group key management using uni-directional proxy re-encryption schemes

Abstract: The group key management is for a group manager to maintain a consistent group key for a dynamic group of members through a broadcast channel. In this paper we propose a group key management scheme based on a meta proxy re-encryption (PRE) scheme. In particular, we propose an RSA-based PRE scheme with special properties. It is the first RSA-based PRE scheme for group key management and has the desired properties of uni-directionality and multi-hop. In our group key management scheme, each group member holds just one secret auxiliary key and logN public auxiliary keys. The size of rekey messages for each group key update remains O(logN). Additionally, our scheme has some distinct features. Firstly, the size of the key update history is a constant O(N) no matter how many times of group key updates occur. Secondly, the computation time of computing the newest group key from the key update history is always O(logN) no matter how many group key updates are missed. This feature provides a practical solution for group key update when members go offline from time to time. Finally, the proposed scheme is immune to the collusion attack of other members.

A Study of Attribute-Based Proxy Re-Encryption Scheme in Cloud Environments

Abstract: Attribute-based proxy re-encryption (ABPRE) scheme is one of the proxy cryptography, which can delegate the re-encryption capability to the proxy and re-encrypt the encrypted data by using the re-encryption key. ABPRE ex-tending the traditional proxy cryptography and attributes plays an important role. In ABPRE, users are identified by attributes, and the access policy is designed to control the user's access. Using ABPRE can have these advantages: (i) The proxy can be delegated to execute the re-encryption operation, which reduces the computation overhead of the data owner;(ii) The authorized user just uses his own secret key to decrypt the encrypted data, and he doesn't need to store an additional decryption key for deciphering;(iii) The sensitive information cannot be revealed to the proxy in re-encryption, and the proxy only complies to the data owner's command. In this paper, we survey two various access policy attribute-based proxy re-encryption schemes and analyze these schemes. Thereafter, we list the comparisons of them by some criteria.

Identity-Based Conditional Proxy Re-Encryption

Abstract: This paper proposes a new cryptographic primitive, named identity-based conditional proxy re-encryption (IBCPRE). In this primitive, a proxy with some information (a.k.a. re-encryption key) is allowed to transform a subset of ciphertexts under an identity to other ciphertexts under another identity. Due to the specific transformation, IBCPRE is very useful in encrypted email forwarding. Furthermore, we propose a concrete IBCPRE scheme based on Boneh-Franklin identity-based encryption. The proposed IBCPRE scheme is secure against the chosen ciphertext and identity attack in the random oracle.

An efficient and secure data sharing framework using homomorphic encryption in the cloud

Abstract: Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme and so it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. Our framework is secure under the security definition of Secure Multi-Party Computation (SMC) and also is a generic approach - any additive homomorphic encryption and proxy re-encryption schemes can be used as the underlying sub-routines. In addition, we also modify our underlying Secure Data Sharing (SDS) framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a user and the Cloud Service Provider.

A CCA-secure key-policy attribute-based proxy re-encryption in the adaptive corruption model for dropbox data sharing system

Abstract: The notion of attribute-based proxy re-encryption extends the traditional proxy re-encryption to the attribute-based setting. In an attribute-based proxy re-encryption scheme, the proxy can convert a ciphertext under one access policy to another ciphertext under a new access policy without revealing the underlying plaintext. Attribute-based proxy re-encryption has been widely used in many applications, such as personal health record and cloud data sharing systems. In this work, we propose the notion of key-policy attribute-based proxy re-encryption, which supports any monotonic access structures on users’ keys. Furthermore, our scheme is proved against chosen-ciphertext attack secure in the adaptive model.