Cloud based data sharing with fine-grained proxy re-encryption

Conditional proxy re-encryption (CPRE) enables fine-grained delegation of decryption rights and has many real-world applications. In this paper, we present a ciphertext-policy attribute-based CPRE scheme, together with a formalization of the primitive and its security analysis. We demonstrate the utility of the scheme in a cloud deployment, where it achieves fine-grained data sharing. This application implements cloud server-enabled user revocation, offering an alternative yet more efficient solution to the user revocation problem in the context of fine-grained encryption of cloud data. High user-side efficiency is another prominent feature of the application, which makes it possible for users to access cloud data from resource-constrained devices, e.g., mobile phones. Our evaluations show promising results on the performance of the proposed scheme.
