Encryption Switching Service: Securely Switch Your Encrypted Data to Another Format

Big data analytics has been regarded as a promising technology to yield better insights into future development by government and industry. Data collection and aggregation are necessary steps to enable data analysis. However, data may be dispersed across multiple places and in different formats. Even worse, data can be encrypted under different encryption mechanisms when different data owners try to secure their data. This makes data aggregation very difficult, if not impossible, especially when the encryption keys cannot be shared for various reasons. In this paper, we take the first step in addressing this problem. More specifically, we propose a new notion of cross-domain encryption switching that bridges two well-studied encryption mechanisms, namely traditional public key encryption and identity-based encryption. As of independent interest, our notion supports keyword search over encrypted data. We provide a provably-secure instantiation satisfying the notion, and further present the efficiency analysis to show the scalability. Our proposed scheme is applicable in multi-domain cloud storage system.

[1]  Robert H. Deng,et al.  Chosen-ciphertext secure bidirectional proxy re-encryption schemes without pairings , 2010, Inf. Sci..

[2]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[3]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.

[4]  Peng Jiang,et al.  Secure-channel free keyword search with authorization in manager-centric databases , 2017, Comput. Secur..

[5]  Brent Waters,et al.  New constructions and practical applications for private stream searching , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[6]  Peng Jiang,et al.  Online/Offline Ciphertext Retrieval on Resource Constrained Devices , 2016, Computer/law journal.

[7]  Jiguo Li,et al.  Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing , 2017, IEEE Transactions on Services Computing.

[8]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[9]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[10]  Jiguo Li,et al.  Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage , 2017, Int. J. Commun. Syst..

[11]  Xiaolei Dong,et al.  White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes , 2015, IEEE Transactions on Information Forensics and Security.

[12]  Guomin Yang,et al.  An Adaptively CCA-Secure Ciphertext-Policy Attribute-Based Proxy Re-Encryption for Cloud Data Sharing , 2014, ISPEC.

[13]  Yunlei Zhao,et al.  On the Security of a Bidirectional Proxy Re-encryption Scheme from PKC 2010 , 2011, Public Key Cryptography.

[14]  Jan Camenisch,et al.  Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data , 2009, Public Key Cryptography.

[15]  Fabien Laguillaumie,et al.  Encryption Switching Protocols Revisited: Switching Modulo p , 2017, CRYPTO.

[16]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[17]  Xiaolei Dong,et al.  Auditable $\sigma $ -Time Outsourced Attribute-Based Encryption for Access Control in Cloud Computing , 2018, IEEE Transactions on Information Forensics and Security.

[18]  Matthew Green,et al.  Identity-Based Proxy Re-encryption , 2007, ACNS.

[19]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[20]  Joseph K. Liu,et al.  A DFA-Based Functional Proxy Re-Encryption Scheme for Secure Public Cloud Data Sharing , 2014, IEEE Transactions on Information Forensics and Security.

[21]  Hiroshi Doi,et al.  Hybrid Proxy Re-encryption Scheme for Attribute-Based Encryption , 2009, Inscrypt.

[22]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[23]  Dong Hoon Lee,et al.  Improved searchable public key encryption with designated tester , 2009, ASIACCS '09.

[24]  Peng Jiang,et al.  Public Key Encryption with Authorized Keyword Search , 2016, ACISP.

[25]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[26]  Pieter H. Hartel,et al.  Searching Keywords with Wildcards on Encrypted Data , 2010, SCN.

[27]  Wen-Guey Tzeng,et al.  Identity-Based Proxy Re-encryption Without Random Oracles , 2007, ISC.

[28]  David Pointcheval,et al.  Encryption Switching Protocols , 2015, CRYPTO.

[29]  Qiang Tang,et al.  Type-Based Proxy Re-encryption and Its Construction , 2008, INDOCRYPT.