Proxy re-encryption

About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.

Secure Certificateless Proxy Re-encryption Without Pairing

Abstract: A Proxy Re-encryption (PRE) is a cryptographic scheme for delegation of decryption rights. In a PRE scheme, a semi-honest proxy agent of Bob re-encrypts the ciphertext, on the message intended for Alice, on behalf of Bob, without learning anything about the message. The PRE schemes are useful in the scenarios where data are desired to be shared with the authorized users over the cloud. For such important applications, in this paper, we present an efficient and secure proxy re-encryption scheme. To avoid the overhead due to certification and to get rid of the key escrow issue of identity-based setting, we construct our scheme on the certificateless setting. The scheme has been proved secure in random oracle model under the standard assumption, the hardness of the computational Diffie-Hellman problem (CDHP). Moreover, as we device a pairing-free construction, our scheme is significantly more efficient than the best available scheme.

Proxy Re-Encryption Scheme for Decentralized Storage Networks

Abstract: Storage is a promising application for permission-less blockchains. Before blockchain, cloud storage was hosted by a trusted service provider. The centralized system controls the permission of the data access. In web3, users own their data. Data must be encrypted in a permission-less decentralized storage network, and the permission control should be pure cryptographic. Proxy re-encryption (PRE) is ideal for cryptographic access control, which allows a proxy to transfer Alice’s ciphertext to Bob with Alice’s authorization. The encrypted data are stored in several copies for redundancy in a permission-less decentralized storage network. The redundancy suffers from the outsourcing attack. The malicious resource provider may fetch the content from others and respond to the verifiers. This harms data integrity security. Thus, proof-of-replication (PoRep) must be applied to convince the user that the storage provider is using dedicated storage. PoRep is an expensive operation that encodes the original content into a replication. Existing PRE schemes cannot satisfy PoRep, as the cryptographic permission granting generates an extra ciphertext. A new ciphertext would result in several expensive replication operations. We searched most of the PRE schemes for the combination of the cryptographic methods to avoid transforming the ciphertext. Therefore, we propose a new PRE scheme. The proposed scheme does not require the proxy to transfer the ciphertext into a new one. It reduces the computation and operation time when allowing a new user to access a file. Furthermore, the PRE scheme is CCA (chosen-ciphertext attack) security and only needs one key pair.

Non-transitive and collusion resistant quorum controlled proxy re-encryption scheme for resource constrained networks

Abstract: We focus on proposing a threshold proxy re-encryption scheme for networks with resource constrained devices. We show that the existing quorum controlled proxy re-encryption scheme by Jakobsson does not meet the basic definition of proxy re-encryption scheme. Also, we show that the existing scheme is transitive, not collusion safe, and is transferable. We propose a gradual and simultaneous, collusion-safe, non-transitive quorum controlled proxy re-encryption scheme for delegating the ciphertext encrypted for one user to another user. The proposed scheme can be used in resource constrained networks such as hierarchical wireless sensor networks. As the proposed scheme is gradual and simultaneous, each node in the network needs to carry out the minimal computations. The proposed scheme is proved to be correct and is IND-CPA secure.