Yingwen Chen,Bowen Hu,Hujie Yu,Zhimin Duan,Junxin Huang

DOI: https://doi.org/10.3390/electronics10192359

IF: 2.9

2021-09-27

Electronics

Abstract:The IoT devices deployed in various application scenarios will generate massive data with immeasurable value every day. These data often contain the user’s personal privacy information, so there is an imperative need to guarantee the reliability and security of IoT data sharing. We proposed a new encrypted data storing and sharing architecture by combining proxy re-encryption with blockchain technology. The consensus mechanism based on threshold proxy re-encryption eliminates dependence on the third-party central service providers. Multiple consensus nodes in the blockchain network act as proxy service nodes to re-encrypt data and combine converted ciphertext, and personal information will not be disclosed in the whole procedure. That eliminates the restrictions of using decentralized network to store and distribute private encrypted data safely. We implemented a lot of simulated experiments to evaluate the performance of the proposed framework. The results show that the proposed architecture can meet the extensive data access demands and increase a tolerable time latency. Our scheme is one of the essays to utilize the threshold proxy re-encryption and blockchain consensus algorithm to support IoT data sharing.

engineering, electrical & electronic,computer science, information systems,physics, applied

Wu Liqiang,Han Yiliang,Yang Xiaoyuan,Zhang Minqing

DOI: https://doi.org/10.1631/fitee.2000366

IF: 2.526

2022-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Threshold proxy re-encryption (TPRE) can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies, and can also provide normal services even when certain proxy servers are paralyzed or damaged. A non-interactive identity-based TPRE (IB-TPRE) scheme over lattices is proposed which removes the public key certificates. To accomplish this scheme, Shamir's secret sharing is employed twice, which not only effectively hides the delegator's private key information, but also decentralizes the proxy power by splitting the re-encryption key. Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share. This property is achieved by lattice-based fully homomorphic signatures. As a result, the whole scheme is thoroughly capable of resisting quantum attacks even when they are available. The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model. Two typical application scenarios, including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography, are presented.

WANG Yong-bing,LU Zheng-guo,ZHANG Jian-zhong

DOI: https://doi.org/10.3778/j.issn.1002-8331.2008.05.042

2008-01-01

Computer Engineering and Applications Journal

Abstract:The concepts of shared verification and signcryption are introduced into threshold proxy signature,and a secure and efficient threshold proxy signcryption scheme with shared verification is presented.In the scheme,any t or more proxy signers can sign a message on behalf of an original signer,and only t or more verifiers of the specified group together can recover the message and verify the validity of proxy signcryption.Furthermore,the scheme also has the merits of secrecy,public verifiability and pubic delegation.

Ismail Keshta,Yassine Aoudni,Mukta Sandhu,Abha Singh,Pardayev Abdunabi Xalikovich,Ali Rizwan,Mukesh Soni,Sachin Lalar

DOI: https://doi.org/10.1016/j.phycom.2023.102048

IF: 2.379

2023-03-11

Physical Communication

Abstract:The blockchain stores transaction data in a distributed shared global ledger. It is challenging to strike a balance between privacy protection and usefulness while sharing data. Moreover, the dynamic adjustment of blockchain data access rights is a challenging problem. To this end, this paper suggests a blockchain data-controlled sharing scheme based on proxy re-encryption. First, a proxy re-encryption algorithm is constructed based on SM2 and the blockchain. Blockchain data sharing can give businesses a secure way to store and share data. Since this network is decentralized, and data is transmitted across a peer-to-peer network under the protection of an unchangeable cryptographic signature. Blockchain makes it more difficult to alter or hack the data. The data-controlled sharing scheme uses proxy re-encryption to protect transaction data privacy and realize data security sharing. Secondly, a dynamic adjustment mechanism for user rights is proposed. Blockchain nodes divide labor and manage re-encryption key parameters separately to achieve user access rights determinism Update, the visibility of transaction data is dynamically adjusted. Finally, the performance and security evaluation demonstrate that this scheme can realize the dynamic sharing of blockchain data while protecting transaction privacy and has advantages in computing overhead, which is better applicable to the Controlled sharing of blockchain data. This research suggests a regulated blockchain-based data-sharing system that makes use of proxy re-encryption. They are developing a proxy re-encryption algorithm with SM2 in order to fully safeguard the privacy of transaction data and to achieve data access authority determination by controlling proxy re-encryption key parameters. It is suggested to employ a hybrid attribute-based proxy re-encryption method that enables the proxy server to change attribute-encrypted cypher texts into identity-based encrypted cypher texts so that users with limited resources can access the previously encrypted material.

telecommunications,engineering, electrical & electronic

Jiahao Liu,Junjian Li,Ruoyu Wang,Chao Li,Wuhao Xia

DOI: https://doi.org/10.1109/DSC59305.2023.00028

2023-08-18

Abstract:In today's digital economy, data sharing has become imperative for advancing economic growth and technology development, as multi-party collaboration requires secure data exchange. During data sharing, upholding data security and privacy is paramount. However, existing data sharing solutions mostly rely on cloud storage and transfer, which have risks of single-point failure and compromise privacy and security. To tackle these challenges, we propose a novel solution that leverages proxy re-encryption and digital watermarking technologies, and employs blockchain to achieve equivalent access control functions based on the cloud environment, thereby mitigating the single point of failure issue. Moreover, our solution can effectively prevent data requesters from illegally sharing data with others. If any requester leaks data without authorization, we can trace the source based on the watermark embedded in the leaked data. In summary, our proposed solution enables more secure and privacy-preserving data sharing, which can potentially benefit a wide range of data sharing applications.

Computer Science,Engineering

Piyi Yang,Zhenfu Cao,Xiaolei Dong

DOI: https://doi.org/10.1007/s11424-011-8370-3

2011-01-01

Journal of Systems Science and Complexity

Abstract:The focus of this paper is to design an efficient and secure solution addressing the semi trusted issue in proxy re-signature schemes, i.e., the proxy knows the re-signature key from user A to user B, so he is able to translate any signatures made by user A to user B, which damages the essential requirement (“non-repudiation” property) of proxy re-signature schemes. In this paper, the authors first define the security model for threshold proxy re-signature scheme, and then propose two threshold proxy re-signature schemes based on Ateniese-Hohenberger’s and Shao-Cao-Wang-Liang’s approach.

Jingyu Feng,Yue Li,Teng Wang,Shuanggen Liu

DOI: https://doi.org/10.1109/jiot.2024.3425450

IF: 10.6

2024-10-12

IEEE Internet of Things Journal

Abstract:The industrial Internet information system has become the key to protecting the new generation of information infrastructure, and its data security storage and sharing are crucial for platform construction and alliance development. In response to security challenges, such as privacy leakage, data tampering, and lack of effective isolation in the current industrial Internet data storage and sharing process, this article proposes an industrial Internet data-sharing scheme based on multiclouds and multichains collaborative storage mode. The proposed scheme supports keyword search and utilizes certificateless threshold proxy re-encryption (PRE) technology. Our scheme allows industrial enterprises to securely store a large amount of sensitive data ciphertext in private clouds, while classifying and storing metadata ciphertext on different blockchains. A data protection algorithm that avoids private key escrow and supports ciphertext retrieval is constructed by combining certificateless PRE, threshold secret sharing, and searchable encryption techniques. In addition, a trust evaluation consensus algorithm is designed to select nodes with high trust as proxies in blockchain networks, solving the trust problem in traditional PRE schemes. Security analysis shows that our scheme can effectively resist collusion attacks and data tampering. Performance and simulation comparison analysis show that the main algorithms in our scheme have a lower time cost compared to the other typical schemes involved in comparison.

computer science, information systems,telecommunications,engineering, electrical & electronic

LOU Sheng-ming,CAO Zhen-fu

DOI: https://doi.org/10.3969/j.issn.1001-7011.2010.02.004

2010-01-01

Abstract:An efficient ID-based proxy re-encryption scheme with threshold multi-proxy is proposed. Unlike the previous proxy re-encryption schemes,the proxy in this proposal is a group of entities instead of a single entity,only t or more entities out of n entities in the group can realize the functionality of the proxy. Furthermore,this proposal is selective ID-IND-CCA secure in the standard model.

Yuling Huang,Chuang Ma,Guangxia Xu

DOI: https://doi.org/10.1109/CloudNet59005.2023.10490083

2023-11-01

Abstract:With the rapid development of the internet economy, blockchain has emerged as one of the leading methods for data sharing. However, due to the high value and sensitivity of data assets, electronic data sharing faces challenges such as access control and privacy leakage. Traditional encryption schemes based on attributes have been ineffective in addressing these problems and still suffer from security vulnerabilities. In this paper, we propose a decentralized data sharing framework that combines keyword-searchable attributes encryption with proxy re-encryption using blockchain technology and Interplanetary File Systems. This framework offers high flexibility and efficiency by addressing the issues of a single point of failure and privacy leaks. We provide comprehensive and rigorous proofs of security and efficiency for our scheme, considering security proof and storage overhead. The simulation results demonstrate that our scheme satisfies the requirements for ciphertext and keyword security and is capable of resisting collusive attacks. Furthermore, our proposed scheme exhibits higher computational efficiency and better feasibility compared to existing schemes.

Computer Science

Jiayuan Zhang,Rongxin Guo,Yifan Shi,Wanting Tang

DOI: https://doi.org/10.3934/mbe.2024271

2024-06-03

Abstract:Many current electronic medical record (EMR) sharing schemes that use proxy re-encryption and blockchain do not fully consider the potential threat of malicious node impersonation attacks. This oversight could lead to data leakage as attackers masquerade as legitimate users or proxy nodes during the sharing process. To deal with this problem, we propose an EMR sharing scheme based on proxy re-encryption and blockchain to protect against impersonation attacks. First, we prevent the potential threat of impersonation attacks by generating a shared temporary key and assigning tasks to multiple proxy nodes. Second, we use a random function to ensure that the selection of encrypted proxy nodes is fair. Third, we use a combination of blockchain and the InterPlanetary File System to solve the problem of insufficient storage capacity of shared processes and ensure the storage security of EMRs. Through the security proof, our scheme guarantees anti-impersonation, anti-collusion, and anti-chosen plaintext attack capability in the sharing process of EMRs. Additionally, experiments on the blockchain platform, namely Chain33, show that our scheme significantly increases efficiency.

Yan Zhu,Bingyu Li,Zhenyang Ding,Yang,Qianhong Wu,Haibin Zheng

DOI: https://doi.org/10.1016/j.hcc.2023.100131

2023-01-01

High-Confidence Computing

Abstract:The communication efficiency optimization, censorship resilience, and generation of shared randomness are inseparable from the threshold cryptography in the existing Byzantine Fault Tolerant (BFT) consensus. The membership in consensus in a blockchain scenario supports dynamic changes, which effectively prevents the corruption of consensus participants. Especially in cross-chain protocols, the dynamic access to different blockchains will inevitably bring about the demand for member dynamic. Most existing threshold cryptography schemes rely on redefined key shares, leading to a static set of secret sharing participants. In this paper, we propose a general approach to coupling blockchain consensus and dynamic secret sharing. The committee performs consensus confirmation of both dynamic secret sharing and transaction proposals. Our scheme facilitates threshold cryptography membership dynamic, thus underlying support for membership dynamic of threshold cryptography-based BFT consensus schemes. We instantiate a dynamic HotStuff consensus to demonstrate the effectiveness of the scheme. After the correctness and security proof, our scheme achieves the secrecy and integrity of the threshold key shares while ensuring consensus liveness and safety. Experimental results prove that our scheme obtains dynamic membership with negligible overhead.

LIU Wen-qi,YANG Jian-hua,ZHANG Peng,OU Zong-ying

DOI: https://doi.org/10.3321/j.issn:1000-8608.2005.06.024

2005-01-01

Abstract:In a(t,n) threshold proxy signature scheme,any t or more proxy signers from the delegated proxy group are allowed to delegate the original signer to generate a valid proxy signature.It is more feasible in the situation of practical application because some situations of group-oriented application are considered.By far,most threshold proxy signature schemes proposed are based on the discrete logarithm problem.Since elliptic curve cryptosystem has the advantages of shorter key and more rapid speed at the same security level,a threshold proxy signature scheme based on elliptic curves is presented.Its security is based on the elliptic curve discrete logarithm problem.And the actual signers can be identified if it is necessary.Through security analysis the proposed scheme is proved to be capable of withstanding conspiracy attack and forgery attack.Because of the property of the elliptic curve cryptography,this scheme is efficient in terms of computational complexity and communication cost.

Kwame Opuni-Boachie Obour Agyekum,Qi Xia,Emmanuel Boateng Sifah,Jianbin Gao,Hu Xia,Xiaojiang Du,Moshen Guizani

DOI: https://doi.org/10.3390/s19051235

2019-03-11

Abstract:Access and utilization of data are central to the cloud computing paradigm. With the advent of the Internet of Things (IoT), the tendency of data sharing on the cloud has seen enormous growth. With data sharing comes numerous security and privacy issues. In the process of ensuring data confidentiality and fine-grained access control to data in the cloud, several studies have proposed Attribute-Based Encryption (ABE) schemes, with Key Policy-ABE (KP-ABE) being the prominent one. Recent works have however suggested that the confidentiality of data is violated through collusion attacks between a revoked user and the cloud server. We present a secured and efficient Proxy Re-Encryption (PRE) scheme that incorporates an Inner-Product Encryption (IPE) scheme in which decryption of data is possible if the inner product of the private key, associated with a set of attributes specified by the data owner, and the associated ciphertext is equal to zero 0 . We utilize a blockchain network whose processing node acts as the proxy server and performs re-encryption on the data. In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud. Our approach also achieves fine-grained access control.

Nabeil Eltayieb,Liang Sun,Ke Wang,Fagen Li

DOI: https://doi.org/10.1007/978-981-15-0818-9_19

2019-01-01

Abstract:Cloud computing is a powerful technology because it provides users with attractive online files sharing services. However, security and privacy are significant challenges since the cloud cannot be fully trusted due the traditional centralized management system. This paper proposes a certificateless proxy re-encryption as an efficient mechanism to secure access over outsourced data. The proposed scheme relies on blockchain technology for decentralized security administration and data protection. Besides, the scheme achieves data confidentiality and efficient revocation mechanism. Moreover, the security analysis proves the confidentiality and integrity of the data stored in the cloud server. Finally, we evaluate the performance of the proposed scheme.

Lu Chen,Xin Zhang,Zhixin Sun

DOI: https://doi.org/10.1155/2022/8996815

IF: 1.968

2022-04-06

Security and Communication Networks

Abstract:Blockchain is a distributed ledger that combines technologies such as timestamp, cryptography, consensus mechanism, and peer-to-peer network. In the field of data recording and management, the blockchain data query scheme based on smart contracts consumes a lot of resources, and blockchain platforms that do not support smart contracts cannot achieve convenient data query. This study proposes a blockchain data sharing query scheme based on threshold secret sharing. The secret elements used to query data are shared through the Blakley space plane equation to limit the rights of the inquirer, ensuring the security of blockchain data query. At the same time, the Blakley space plane equation coefficient matrix is used to segment the data to be uploaded to the blockchain. It solves the problem that the data cannot be directly stored in the block due to their large size. It facilitates data uploading to the blockchain. The experimental results show that the additional time consumption of the secret sharing and recovery, data segmentation, and reconstruction of this scheme is much less than the block generation time. Therefore, this solution will not affect the normal operation of blockchain applications and can improve the security and the fault tolerance rate of data query.

computer science, information systems,telecommunications

Cai Biao,Li Zhishu,Luo Zhen

DOI: https://doi.org/10.1109/iitsi.2010.123

2010-01-01

Abstract:Trust managements have employed in overlay networks to collectives peers contributing source of themselves to other entities. And there are several schemes to solute the privacy information of trust, but they have some inherent drawbacks. In this paper, we proposed a threshold secret sharing based trust information management scheme and the details of implement protocol. At last, the rationality analysis of the scheme is discussed.

孙超亮,曹珍富,梁晓辉

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.04.045

2009-01-01

Abstract:The paper proposes a new threshold proxy re-signature scheme.In the standard proxy re-signature scheme,a semi-trusted proxy can transform Alice’s signature into Bob’s signature on the same message,but in this scheme there are n semi-trusted proxies between the two signers and the re-signature generation can be performed if and only if there are at least t proxies.This scheme holds the features of proxy re-signature and threshold signature,so it is especially suitable for some complicated checking and voting system.

Licheng Wang,Jing Li,Jianhua Yan,Zhiguo Qu

DOI: https://doi.org/10.1109/incos.2016.12

2016-01-01

Abstract:Proxy re-encryption (PRE) enables a semi-trusted proxy to transfer Alice's secrets into Bob's secrets but without seeing the secrets. This functionality is very interesting for making balance between the information confidentiality and the mutual accessibility in various scenarios such as public cloud storage systems. During the past decades, many smart PRE schemes were built based on intractability assumptions such as integer factorization problems (IFP) and discrete logarithm problems (DLP). However, Shor's efficient quantum algorithms for IFP and DLP manifests a threat towards the security baseline of these schemes. Enlightened by Gu et al.'s recent work on resisting known quantum attacks, we propose an efficient PRE scheme based on the intractability of the (semi) group factorization problems in this paper. The security of the proposed scheme is analyzed according to some conceivable attacks.

Jianzhong Zhang

2012-01-01

Computer Engineering and Applications Journal

Abstract:Threshold proxy signature is a signature scheme which puts proxy signature and threshold signa-ture together.It has advantages of division of proxy powers and distributing the proxy key.Certificateless pub-lic key cryptography effectively solves the inherent key escrow problem in identity-based public key cryptog-raphy while keeps its certificate free property.This paper proposes a new certificateless threshold proxy signa-ture scheme putting the certificatless signature scheme and threshold proxy together.It is safe and efficient.

Qingshui Xue,Zhenfu Cao

DOI: https://doi.org/10.1007/978-3-540-30566-8_83

2004-01-01

Abstract:So far, all of proposed threshold proxy signature schemes are based on public key systems with certificates and most of them use Shamir's threshold secret share scheme. Self-certified public key system has attracted more and more attention because of its advantages. Based on Hsu et al's self-certified public key system and Li et al's proxy signature scheme, one threshold proxy signature scheme is proposed. The new scheme can provide the properties of proxy protection, verifiability, strong identifiability, strong unforgeability, strong repudiability, distinguishability, known signers and prevention of misuse. In the proxy signature verification phase, the authentication of original and proxy signers' public keys and the verification of the threshold proxy signature are executed together. In addition, the computation overhead and communication cost of the scheme are less than previous works with Shamir's secret share protocol and the public key system based on certificates.