A pairing-free certificate-based proxy re-encryption scheme for secure data sharing in public clouds

To assure the confidentiality of the sensitive data stored in public cloud storages, the data owners should encrypt their data before submitting them to the clouds. However, it brings new challenge for us to effectively share the encrypted data in the public clouds. The paradigm of proxy re-encryption provides a promising solution to data sharing as it enables a data owner to delegate the decryption rights of the encrypted data to the authorized recipients without any direct interaction. Certificate-based proxy re-encryption is a new cryptographic primitive to effectively support the data confidentiality in public cloud storages, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. In this paper, we propose a certificate-based proxy re-encryption scheme without bilinear pairings. The proposed scheme is proven secure under the computational Diffie-Hellman assumption in the random oracle model. Due to avoiding the time-consuming bilinear pairing operations, the proposed scheme significantly reduces the computation cost. Compared to the previous certificate-based proxy re-encryption schemes with bilinear pairings, it enjoys obvious advantage in the computation efficiency, and thus is more suitable for the computation-limited or power-constrained devices. This paper proposes a pairing-free certificate-based proxy re-encryption scheme.The scheme is proven secure under the classic CDH assumption.The scheme is particularly suitable for the computation-limited devices.

[1]  Benoît Libert,et al.  Unidirectional Chosen-Ciphertext Secure Proxy Re-encryption , 2008, Public Key Cryptography.

[2]  Paulo S. L. M. Barreto,et al.  Efficient Implementation of Pairing-Based Cryptosystems , 2004, Journal of Cryptology.

[3]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[4]  Toshihiko Matsuo,et al.  Proxy Re-encryption Systems for Identity-Based Encryption , 2007, Pairing.

[5]  Joseph K. Liu,et al.  A DFA-Based Functional Proxy Re-Encryption Scheme for Secure Public Cloud Data Sharing , 2014, IEEE Transactions on Information Forensics and Security.

[6]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[7]  Jie Wu,et al.  Time-based proxy re-encryption scheme for secure data sharing in a cloud environment , 2014, Inf. Sci..

[8]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[9]  Jiguo Li,et al.  Certificate-Based Conditional Proxy Re-Encryption , 2015, NSS.

[10]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[11]  Ian F. Blake,et al.  Refinements of Miller's algorithm for computing the Weil/Tate pairing , 2006, J. Algorithms.

[12]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[13]  Paz Morillo,et al.  Improved certificate-based encryption in the standard model , 2008, J. Syst. Softw..

[14]  Joseph K. Liu,et al.  Efficient Certificate-Based Encryption in the Standard Model , 2008, SCN.

[15]  Zuhua Shao,et al.  Enhanced Certificate-Based Encryption from pairings , 2011, Comput. Electr. Eng..

[16]  Jerzy Pejas,et al.  Implicit and Explicit Certificates-Based Encryption Scheme , 2014, CISIM.

[17]  Zhenfu Cao,et al.  A Certificate-Based Proxy Cryptosystem with Revocable Proxy Decryption Power , 2007, INDOCRYPT.

[18]  Craig Gentry,et al.  Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[19]  Matthew Green,et al.  Identity-Based Proxy Re-encryption , 2007, ACNS.

[20]  Wen-Guey Tzeng,et al.  Identity-Based Proxy Re-encryption Without Random Oracles , 2007, ISC.

[21]  Liqun Chen,et al.  Identity-based key agreement protocols from pairings , 2017, International Journal of Information Security.

[22]  Yang Lu,et al.  Constructing Efficient Certificate-based Encryption with Paring , 2009, J. Comput..

[23]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[24]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[25]  Zhenfu Cao,et al.  CCA-Secure Proxy Re-Encryption without Pairings , 2009, IACR Cryptol. ePrint Arch..

[26]  Zhong Chen,et al.  Fully Secure Unidirectional Identity-Based Proxy Re-encryption , 2011, ICISC.

[27]  Yang Lu,et al.  Efficient Certificate-Based Proxy Re-encryption Scheme for Data Sharing in Public Clouds , 2015, KSII Trans. Internet Inf. Syst..

[28]  Joseph K. Liu,et al.  An Efficient Cloud-Based Revocable Identity-Based Proxy Re-encryption Scheme for Public Clouds Data Sharing , 2014, ESORICS.

[29]  Jiguo Li,et al.  Certificate-Based Encryption Scheme without Pairing , 2013, KSII Trans. Internet Inf. Syst..

[30]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[31]  Tatsuaki Okamoto,et al.  How to Enhance the Security of Public-Key Encryption at Minimum Cost , 1999, Public Key Cryptography.

[32]  Sang-Uk Shin,et al.  Certificate-Based Proxy Re-encryption for Public Cloud Storage , 2013, 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.