Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

RSA-TBOS signcryption with proxy re-encryption

Abstract: The recent attack on Apple iTunes Digital Rights Management [17] has brought to light the usefulness of proxy re-encryption schemes for Digital Rights Management. It is known that the use of proxy re-encryption would have prevented the attack in [17]. With this utility in mind and with the added requirement of non-repudiation, we propose the first ever signcryption scheme with proxy re-encryption that does not involve bilinear maps. Our scheme is called RSA-TBOS-PRE and is based on the RSA-TBOS signcryption scheme of Mao and Malone-Lee [7]. We adapt various models available in the literature concerning authenticity, unforgeability and non-repudiation and propose a signature non-repudiation model suitable for signcryption schemes with proxy re-encryption. We show the non-repudiability of our scheme in this model. We also introduce and define a new security notion of Weak-IND-CCA2, a slightly weakened adaptation of the IND-CCA2 security model for signcryption schemes and prove that RSA-TBOS-PRE is secure in this model. Our scheme is Weak-IND-CCA2 secure, unidirectional, extensible to multi-use and does not use bilinear maps. This represents significant progress towards solving the open problem of designing an IND-CCA2 secure, unidirectional, multi-use scheme not using bilinear maps proposed in [15][12].

New constructions for identity-based unidirectional proxy re-encryption

Abstract: We address the cryptographic topic of proxy re-encryption (PRE), which is a special public-key cryptosystem. A PRE scheme allows a special entity, known as the proxy, to transform a message encrypted with the public key of a delegator (say Alice), into a new ciphertext that is protected under the public key of a delegatee (say Bob), and thus the same message can then be recovered with Bob's private key. In this paper, in the identity-based setting, we first investigate the relationship between so called mediated encryption and unidirectional PRE. We provide a general framework which converts any secure identity-based unidirectional PRE scheme into a secure identity-based mediated encryption scheme, and vice versa. Concerning the security for unidirectional PRE schemes, Ateniese et al. previously suggested an important property known as the master secret security, which requires that the coalition of the proxy and Bob cannot expose Alice's private key. In this paper, we extend the notion to the identity-based setting, and present an identity-based unidirectional PRE scheme, which not only is provably secure against the chosen ciphertext attack in the standard model but also achieves the master secret security at the same time.

Conditional proxy re-encryption for secure big data group sharing in cloud environment

Abstract: Conditional PRE (CPRE) is a novel public key primitive which enables the group sharing of confidential data without revealing its plaintext or decryption key to outside the group member. Previously, several efforts are made to facilitate CPRE in group data sharing in cloud environment. The main drawback of the state-of-art CPRE schemes for this purpose is that whenever the group member changes, the originator of the data needs to download all of the existing data on the cloud, encrypt them again with a new condition value, and uploads them to the cloud. As a result, they are not suitable for secure big data sharing among group member in cloud environment. In this paper, we introduce a new CPRE called the outsourcing CPRE scheme (O-CPRE) which reduces the client overhead drastically. When the membership of the group changes, in O-CPRE, the originator only needs to select a new condition value and upload it to the cloud. In addition, O-CPRE will move a part of client overhead at the initial setup stage and at the decryption of each message from the client to the cloud. As a result, O-CPRE is much more suitable for secure big data sharing in cloud environment than the other existing schemes.

Security and Privacy in VANET to reduce Authentication Overhead for Rapid Roaming Networks

Abstract: Since the last few years VANET have received increased attention as the potential technology to enhance active and preventive safety on the road, as well as travel comfort. Security and privacy are indispensable in vehicular communications for successful acceptance and deployment of such a technology. Generally, attacks cause anomalies to the network functionality. A secure VANET system, while exchanging information should protect the system against unauthorized message injection, message alteration, eavesdropping. In this paper, various security and privacy issues and challenges are discussed. The various authentication schemes in wireless LAN, VANETS are discussed. Out of various authentication schemes that are used to reduce the overhead in authentication, when roaming proxy reencryption scheme and new proxy re encryption scheme is reviewed in detail. A comparison between the two schemes is done, which shows that the privacy can be maintained better by using new proxy re encryption.

A novel authorization delegation scheme for multimedia social networks by using proxy re-encryption

Abstract: To solve the existing problem of the multimedia social networks platforms, for instance, the copyrighted or private multimedia content can not be safely shared among users, we proposed a novel authorization delegation scheme based on the proxy re-encryption mechanism This scheme enables one user to delegate digital rights/privileges to another or the group of users, and achieves fine-grained authorization delegation The ciphertext of content encryption key (CEK) was re-encrypted by the proxy with re-encryption key, which is generated by delegator, and then the ciphertext was sent to the delegatee only who could decrypt the ciphertext The CCA security of proxy re-encryption was formally proved that this scheme realized the authorization delegation while ensuring the confidentiality of both the sharing content and the delegator's private key Besides, the privileges can be revoked when the usage control policies have not yet been satisfied Finally, we demonstrated in detail that the proposed scheme was applied to a multimedia social network prototype called by CyVOD MSN, and it achieved the security share of multimedia content and the functionality of digital rights management, together with better resolving the issue of limited access control list