Certificate-Based Proxy Re-encryption for Public Cloud Storage

Recently, the cloud computing paradigm has increasingly become a new model in which a shared pool of configurable computing resources is provided as services over the Internet. Specifically, this paradigm encourages an efficient model for data sharing among cloud users, since data owners are able to outsource their data to public cloud storage, which can provide access to the data as a service. Useful as this data sharing model is, however, it brings new security challenges that make users apprehensive about the confidentiality of their sensitive data on public cloud storage. In this paper, we introduce the notion of certificate-based proxy re-encryption as a new cryptographic primitive to effectively support the confidentiality of outsourced data in public cloud storage. In particular, we give a formal security model for secure certificate-based proxy re-encryption schemes and present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. Finally, we show that our scheme has chosen-ciphertext security in the random oracle model.
