Identity-based proxy re-encryption version 2: Making mobile access easy in cloud

Proxy re-encryption (PRE) enables an authorized proxy to convert a ciphertext under Alice's public key into a ciphertext under Bob's public key without exposing the encrypted message. In existing PRE systems, the original ciphertexts and the re-encrypted ones are both required to be in the same cryptosystem, which limits their applications in cloud computing systems. In this paper, we propose a new proxy re-encryption pattern, referred to as an identity-based proxy re-encryption version 2 (IBPRE2). It allows an authorized proxy to convert a ciphertext of an identity-based broadcast encryption (IBBE) scheme into a ciphertext of an identity-based encryption (IBE) scheme. With IBPRE2, one can take advantage of IBBE to securely share data with a set of recipients, and then incorporate an additional one into the authorized set through the re-encryption mechanism, without decrypting the IBBE ciphertext nor leaking any sensitive information. We formalize the security requirements in IBPRE2 and propose a provably CCA-secure scheme. The unique feature of ciphertext transformation from a complicated cryptosystem to a simple one makes our IBPRE2 a versatile cryptographic tool to secure outsourced data in cloud computing. We propose a framework of identity-based proxy re-encryption (IBPRE2) system for cloud computing.We formally define the CCA (chosen-ciphertext attack) security of the IBPRE2.We construct an IBPRE2 scheme and prove its CCA-security assuming that the underlying cryptographic primitives are secure.

[1]  Joseph K. Liu,et al.  Asymmetric Cross-cryptosystem Re-encryption Applicable to Efficient and Secure Mobile Access to Outsourced Data , 2015, AsiaCCS.

[2]  Fred B. Schneider,et al.  Distributed Blinding for ElGamal Re-encryption , 2004 .

[3]  Jianwei Liu,et al.  Hierarchical Identity-Based Broadcast Encryption , 2014, ACISP.

[4]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[5]  Qixiang Mei,et al.  Direct chosen ciphertext security from identity-based techniques , 2005, CCS '05.

[6]  Kefei Chen,et al.  Chosen-Ciphertext Secure Proxy Re-encryption without Pairings , 2008, CANS.

[7]  Yunlei Zhao,et al.  On the Security of a Bidirectional Proxy Re-encryption Scheme from PKC 2010 , 2011, Public Key Cryptography.

[8]  Yevgeniy Dodis,et al.  Proxy cryptography revisted , 2003 .

[9]  Wen-Guey Tzeng,et al.  Identity-Based Proxy Re-encryption Without Random Oracles , 2007, ISC.

[10]  Yi Mu,et al.  Identity-based data storage in cloud computing , 2013, Future Gener. Comput. Syst..

[11]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[12]  Joseph K. Liu,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing , 2015, Future Gener. Comput. Syst..

[13]  Ryo Nishimaki,et al.  CCA Proxy Re-Encryption without Bilinear Maps in the Standard Model , 2010, Public Key Cryptography.

[14]  Matthew Green,et al.  Identity-Based Proxy Re-encryption , 2007, ACNS.

[15]  David Pointcheval,et al.  Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys , 2007, Pairing.

[16]  Toshihiko Matsuo,et al.  Proxy Re-encryption Systems for Identity-Based Encryption , 2007, Pairing.

[17]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[18]  Zhenfu Cao,et al.  CCA-Secure Proxy Re-Encryption without Pairings , 2009, IACR Cryptol. ePrint Arch..

[19]  Zhong Chen,et al.  Ciphertext Policy Attribute-Based Proxy Re-encryption , 2010, ICICS.

[20]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[21]  Benoît Libert,et al.  Unidirectional Chosen-Ciphertext Secure Proxy Re-encryption , 2008, Public Key Cryptography.

[22]  Young-Sik Jeong,et al.  A secure and scalable storage system for aggregate data in IoT , 2015, Future Gener. Comput. Syst..

[23]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[24]  Jun Shao,et al.  Anonymous ID-Based Proxy Re-Encryption , 2012, ACISP.

[25]  Yutaka Kawai,et al.  Fully-Anonymous Functional Proxy-Re-Encryption , 2013, IACR Cryptol. ePrint Arch..

[26]  Markus Jakobsson,et al.  On Quorum Controlled Asymmetric Proxy Re-encryption , 1999, Public Key Cryptography.

[27]  Benoît Libert,et al.  Tracing Malicious Proxies in Proxy Re-encryption , 2008, Pairing.

[28]  Cécile Delerablée,et al.  Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys , 2007, ASIACRYPT.

[29]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[30]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.