Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

Xu An Wang,Xiaoyuan Yang,Cong Li,Yudong Liu,Yong Ding

DOI: https://doi.org/10.2298/CSIS171218024W

2018-01-01

Computer Science and Information Systems

Abstract:Recently Liang et al. propose an interesting privacy-preserving ciphertext multi-sharing control for big data storage mechanism, which is based on the cryptographic primitive of anonymous multi-hop identity based conditional proxy re-encryption scheme AMH-IBCPRE. They propose a concrete AMH-IBCPRE scheme and conclude their scheme can achieve IND-sCon-sID-CCA secure (indistinguishable secure under selectively conditional selectively identity chosen ciphertext attack). However, our research show their scheme can not be IND-sCon-sID-CCA secure for single-hop and multi-hop data sharing. Also in 2014, Liang et al. propose an interesting deterministic finite automata-based functional proxy reencryption scheme DFA-based FPRE for secure public cloud data sharing, they also conclude their scheme can achieve IND-CCA secure (indistinguishable secure under chosen ciphertext attack), we also show their scheme can not be IND-CCA secure either. For these two proposals, the main reason of insecurity is that part of the re-encryption key has the same structure as the valid ciphertext, thus the adversary can query on the decryption oracle with this part of the re-encryption key to get secret keys, which will break the CCA-security of their scheme. We give an improved AMH-IBCPRE scheme and an improved DFA-based FPRE scheme for cloud data sharing and show the new schemes can resist our attack and be CCA-secure. We also demonstrate our improved AMH-IBCPRE scheme's efficiency compared with other related identity based proxy re-encryption schemes, the results show our scheme is almost the most efficient one.

Yilei Wang,Dongjie Yan,Fagen Li,Hu Xiong

2017-01-01

Abstract:Proxy re-encryption (PRE) enables a semi-trusted proxy to delegate the decryption right by re-encrypting the ciphertext under the delegator’s public key to an encryption under the public key of delegatee. Fueled by the translation ability, PRE is regarded as a promising candidate to secure data sharing in a cloud environment. However, the security of the PRE will be totally destroyed in case the secret key of the delegator or the delegatee has been exposed. Despite the key exposure seems inevitable, the PRE scheme with resistance against secret key leakage has never been presented before. To deal with this intractable problem, we propose a key-insulated proxy reencryption (KIPRE) scheme by incorporating the mechanisms of PRE and key-insulated cryptosystem. In the proposed scheme, the lifetime of the secret key associated with the user, i.e., the delegator or the delegatee, has been divided into several periods. In each time period, the user can interact with his/her physically-secure but computation-limited helper to update his/her temporary secret key. On the contrary, the public keys of the users remained unchanged during the whole lifetime of the system. We then apply our KIPRE scheme to construct a practical solution to the problem of sharing sensitive information in public clouds with resilience to the key exposure. The performance evaluation and the security analysis demonstrate that our scheme is efficient and practical.

Xu An Wang,Jianfeng Ma,Xiaoyuan Yang,Yuechuan Wei

DOI: https://doi.org/10.1007/978-3-662-49017-4_5

2015-01-01

Abstract:In proxy re-encryption $$\\mathsf{PRE}$$, a semi-trusted proxy can convert a ciphertext originally intended for Alice into one which can be decrypted by Bob, while the proxy can not know the underlying plaintext. In multi-use $$\\mathsf{PRE}$$ schemes, the ciphertext can be transformed from Alice to Bob and to Charlie and so on. Due to its ciphertext transformation property, it is difficult to achieve chosen ciphertext security for $$\\mathsf{PRE}$$, especially for multi-use $$\\mathsf{PRE}$$. $$\\mathsf{IBE}$$ is a new kind of public-key encryption where the recipient's public key is an arbitrary string that represents the recipient's identity. Identity based proxy re-encryption $$\\textsf {IBPRE}$$ is a primitive combing the feature of $$\\mathsf{IBE}$$ and $$\\mathsf{PRE}$$. In 2010 Wang et al. has proposed a multi-use unidirectional CCA-secure identity based proxy re-encryption $$\\textsf {IBPRE}$$ scheme, and in 2011 Luo et al. has proposed an unidirectional identity based proxy re-encryption scheme. Unfortunately, we show these two proposals are not secure and thus can not be applied directly in multi-user networks.

Yunya Zhou,Hua Deng,Qianhong Wu,Bo Qin,Jianwei Liu,Yong Ding

DOI: https://doi.org/10.1016/j.future.2015.09.027

IF: 7.307

2015-01-01

Future Generation Computer Systems

Abstract:Proxy re-encryption (PRE) enables an authorized proxy to convert a ciphertext under Alice’s public key into a ciphertext under Bob’s public key without exposing the encrypted message. In existing PRE systems, the original ciphertexts and the re-encrypted ones are both required to be in the same cryptosystem, which limits their applications in cloud computing systems. In this paper, we propose a new proxy re-encryption pattern, referred to as an identity-based proxy re-encryption version 2 (IBPRE2). It allows an authorized proxy to convert a ciphertext of an identity-based broadcast encryption (IBBE) scheme into a ciphertext of an identity-based encryption (IBE) scheme. With IBPRE2, one can take advantage of IBBE to securely share data with a set of recipients, and then incorporate an additional one into the authorized set through the re-encryption mechanism, without decrypting the IBBE ciphertext nor leaking any sensitive information. We formalize the security requirements in IBPRE2 and propose a provably CCA-secure scheme. The unique feature of ciphertext transformation from a complicated cryptosystem to a simple one makes our IBPRE2 a versatile cryptographic tool to secure outsourced data in cloud computing.

Zhiguang Qin,Shikun Wu,Hu Xiong

DOI: https://doi.org/10.1007/978-3-319-22047-5_17

2015-01-01

Abstract:Proxy re-encryption (PRE) has been considered as a promising candidate to secure data sharing in public cloud by enabling the cloud to transform the ciphertext to legitimate recipients on behalf of the data owner, and preserving data privacy from semi-trusted cloud. Certificateless proxy re-encryption (CL-PRE) not only eliminates the heavy public key certificate management in traditional public key infrastructure, but also solves the key escrow problem in the ID-based public key cryptography. By considering that the existing CL-PRE schemes either rely on expensive bilinear pairings or are proven secure under weak security models, we propose a strongly secure CL-PRE scheme without resorting to the bilinear pairing. The security of our scheme is proven to be secure against adaptive chosen ciphertext attack (IND-CCA) under a stronger security model in which the Type I adversary is allowed to replace the public key associated with the challenge identity. Furthermore, the simulation results demonstrate that our scheme is practical for cloud based data sharing in terms of communication overhead and computation cost for data owner, the cloud and data recipient.

Hu Xiong,Lili Wang,Zhida Zhou,Zetong Zhao,Xin Huang,Saru Kumari

DOI: https://doi.org/10.1109/jiot.2021.3126230

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Puncturable proxy re-encryption (PPRE) is envisioned to provide secure access control delegation and fine-grained forward security for asynchronous group messaging systems. Nevertheless, the existing PPRE scheme not only suffers from the burden of certificate management but also merely achieves selective security based on the nonstandard assumption. In this article, a puncturable identity-based PRE (P-IB-PRE) scheme is proposed to efficiently protect the security and privacy of the group message. The proposed scheme introduces a message server as the proxy to transform ciphertext for each participant in the group; thus, the heavy computation overhead is delegated to the message server with abundant resources. Most importantly, our scheme enables the recipient to revoke its private key’s decryption capability of the specific messages without affecting other messages. Moreover, the identity-based mechanism eliminates the burden of certificate management as well as improves efficiency. The proposed scheme achieves adaptive security under the standard decisional bilinear Diffie–Hellman (DBDH) assumption. Eventually, theoretical and experimental analyses demonstrate that the proposed scheme has an excellent performance in efficiency and practicality.

computer science, information systems,telecommunications,engineering, electrical & electronic

Song Luo,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-17650-0_28

2010-01-01

Abstract:We present a novel ciphertext policy attribute-based proxy re-encryption (CP-AB-PRE) scheme. The ciphertext policy realized in our scheme is AND-gates policy supporting multi-value attributes, negative attributes and wildcards. Our scheme satisfies the properties of PRE, such as unidirectionality, non-interactivity and multi-use. Moreover, the proposed scheme has master key security, allows the encryptor to decide whether the ciphertext can be re-encrypted and allows the proxy to add access policy when re-encrypting ciphertext. Furthermore, our scheme can be modified to have constant ciphertext size in original encryption.

Yi Cai,Xudong Liu

DOI: https://doi.org/10.1109/scac.2014.18

2014-01-01

Abstract:Proxy re-encryption (PRE) has recently become a hot topic in cryptography research field. PRE can be classified as single-hop PRE and multi-use PRE according to the times the cipher text can be transformed. Finding a unidirectional, multi-use, and chosen cipher text attack (CCA) secure PRE is presented as an open problem by Green et al. Wang claimed to resolve this problem by proposing the first multi-use CCA-secure unidirectional PRE scheme. But we found that different with single-hop PRE, multi-use PRE without randomize encrypt key in its encryption algorithm could be vulnerable to attack. A new type attack to multi-use CCA-secure PRE named proxy bypass attack is proposed with a concrete attacks on Wang-Multi-Use-IB-PRE scheme. This attack is also effective for other multi-use scheme. At last we propose an improvement for Multi-Use-IB-PRE to resist proxy bypass attack by randomize re-encryption algorithm.

Lu Yan,Haozhe Qin,Kexin Yang,Heye Xie,Xu An Wang,Shuanggen Liu

DOI: https://doi.org/10.3390/electronics13030534

IF: 2.9

2024-01-29

Electronics

Abstract:The popularity of secure cloud data sharing is on the rise, but it also comes with significant concerns about privacy violations and data tampering. While existing Proxy Re-Encryption (PRE) schemes effectively protect data in the cloud, challenges persist with certificate administration and key escrow. Moreover, the increasing number of users and prevalence of lightweight devices demand functional and cost-effective solutions. To address these issues, this paper presents a novel Pairing-free Certificate-Based Proxy Re-Encryption Plus scheme that leverages elliptic curve groups for improved effectiveness and performance. This scheme successfully resolves challenges related to certificate management and key escrow in traditional PRE schemes, while also introducing non-transferable and message-level fine-grained control characteristics. These enhancements bolster data security during sharing and minimize the risk of malicious information leakage. Our proposed scheme's correctness, security, and effectiveness are rigorously verified and analyzed. The results demonstrate that the scheme achieves the chosen ciphertext security in the random oracle model. Compared to current PRE schemes, our approach offers greater advantages, lower computational overhead, and enhanced suitability for practical cloud computing applications.

engineering, electrical & electronic,computer science, information systems,physics, applied

Xuyang Wang,Aiqun Hu,Hao Fang

DOI: https://doi.org/10.1049/iet-ifs.2018.5246

2020-01-01

IET Information Security

Abstract:Proxy re-encryption (PRE) is a promising cryptographic structure for pervasive data sharing in cloud-based social networks, which enables a semi-trusted proxy to convert a ciphertext for Alice into a ciphertext for Bob without seeing the corresponding plaintext. Since the proxy is semi-trust, a PRE scheme which can resist the collusion attack will be of great practical value. Jianget al.in 2015 and Kim and Jeong in 2016 have proposed collusion-resistant PRE (CR-PRE) schemes from the lattice by a similar technique, respectively. However, through the analysis of their schemes, the authors find that both of them have defects in the construction of the re-encryption key, which will lead to the re-encryption ciphertext cannot be decrypted or decrypted error with high probability. In this study, the authors first point out the defects in the work of Jianget al.'s work and Kim and Jeong's work and propose an improved collusion-resistant unidirectional PRE scheme from lattice, based on learning with errors problems. In addition to solving the defects, CR-PRE still has many useful properties similar to the previous schemes, such as unidirectional, collusion resistant, chosen-plaintext attack secure and so on.

Hu Xiong,Yi Wang,Wenchao Li,Chien-Ming Chen

DOI: https://doi.org/10.1145/3318212

2019-01-01

ACM Transactions on Management Information Systems

Abstract:The convenience of the cloud-assisted Internet of Things has led to the need for improved protections for the large volumes of data collected from devices around the world and stored on cloud-based servers. Proxy re-encryption (PRE) has been presented as a suitable mechanism for secure transmission and sharing of files within the cloud. However, existing PRE schemes do not support unidirectional data transformation, fine-grained controls, multiple hops, and identity-based encryption simultaneously. To solve these problems, we propose a unidirectional multi-hop identity based-conditional PRE scheme that meets all of the above requirements. Our proposal has the additional benefits of a constant ciphertext size, non-interactivity, and collusion resistance. We also prove that our scheme is secure against adaptive identity chosen-ciphertext attacks in the standard model.

Peng Zeng,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/access.2018.2879479

IF: 3.9

2018-01-01

IEEE Access

Abstract:Secure cloud storage has important applications in our big data-driven society, and to achieve secure cloud storage, we need to enforce strong access control mechanism. Proxy re-encryption (PRE) has been shown to be an effective tool of constructing cryptographically enforced access control schemes. In a traditional PRE scheme, a semi-trusted proxy can convert all ciphertexts for a delegator to ciphertexts for a delegatee once the proxy obtains the relevant re-encryption key from the delegator. In many practical applications, however, a fine-grained delegation of decryption abilities may be demanded, and thus, the notion of conditional PRE (C-PRE) is introduced, which allows only the ciphertexts satisfying a concrete condition to be converted by the proxy. In this paper, we introduce a special kind of C-PRE, sender-specified PRE (SS-PRE), which enables the delegator to delegate the decryption right of the ciphertexts from a specified sender to his/her delegatee. We give a formal definition of SS-PRE and its security model. We also provide the concrete constructions of an IND-CPA secure SS-PRE scheme and an IND-CCA secure SS-PRE scheme with the properties of unidirectionality and single-use and prove the security of both schemes in the standard model. The detailed analysis shows that our new IND-CCA secure SS-PRE scheme achieves a higher efficiency in computation cost and ciphertext size than the conventional C-PRE schemes.

Song Luo,Qingni Shen,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-31912-9_8

2011-01-01

Abstract:Proxy re-encryption (PRE) allows the proxy to translate a ciphertext encrypted under Alice's public key into another ciphertext that can be decrypted by Bob's secret key. Identity-based proxy re-encryption (IB-PRE) is the development of identity-based encryption and proxy re-encryption, where ciphertexts are transformed from one identity to another. In this paper, we propose two novel unidirectional identity-based proxy re-encryption schemes, which are both non-interactive and proved secure in the standard model. The first scheme is a single-hop IB-PRE scheme and has master secret security, allows the encryptor to decide whether the ciphertext can be re-encrypted. The second scheme is a multi-hop IB-PRE scheme which allows the ciphertext re-encrypted multiple times but without the size of ciphertext growing linearly as previous multi-hop IB-PRE schemes.

Wei Luo,Wenping Ma

DOI: https://doi.org/10.1007/978-3-030-00009-7_47

2018-01-01

Abstract:Identity-based encryption algorithm is applied to cloud storage to protect data security and provide a flexible access control scheme. However, in the existing schemes, the private key generator (PKG) knows secret keys of all users, which means that the PKG can decrypt all ciphertexts. In this paper, we propose a secure identity-based proxy re-encryption scheme, in which the PKG only generates partial secret keys for users. This can ensure users' data confidentiality and privacy security. Its security is based on the decision bilinear Diffie-Hellman (DBDH) assumption in the random oracle model. Besides, our scheme can resist collusion attacks and support user revocation. In addition, we compare our scheme with other existing schemes. The result demonstrates our scheme is comparable with other schemes in computation complexity.

Peng Xu,Tengfei Jiao,Qianhong Wu,Wei Wang,Hai Jin

DOI: https://doi.org/10.1109/tc.2015.2417544

2016-01-01

Abstract:Recently, a number of extended Proxy Re-Encryptions (PRE), e.g. Conditional (CPRE), identity-based PRE (IPRE) and broadcast PRE (BPRE), have been proposed for flexible applications. By incorporating CPRE, IPRE and BPRE, this paper proposes a versatile primitive referred to as conditional identity-based broadcast PRE (CIBPRE) and formalizes its semantic security. CIBPRE allows a sender to encrypt a message to multiple receivers by specifying these receivers’ identities, and the sender can delegate a re-encryption key to a proxy so that he can convert the initial ciphertext into a new one to a new set of intended receivers. Moreover, the re-encryption key can be associated with a condition such that only the matching ciphertexts can be re-encrypted, which allows the original sender to enforce access control over his remote ciphertexts in a fine-grained manner. We propose an efficient CIBPRE scheme with provable security. In the instantiated scheme, the initial ciphertext, the re-encrypted ciphertext and the re-encryption key are all in constant size, and the parameters to generate a re-encryption key are independent of the original receivers of any initial ciphertext. Finally, we show an application of our CIBPRE to secure cloud email system advantageous over existing secure email systems based on Pretty Good Privacy protocol or identity-based encryption.

Xian Yong Meng,Zhong Chen,Xiang Yu Meng,Bing Sun

DOI: https://doi.org/10.4028/www.scientific.net/amm.571-572.74

2014-01-01

Applied Mechanics and Materials

Abstract:In this paper, an identity-based conditional proxy re-encryption (PRE) scheme is proposed, where a delegator provides a re-encryption key satisfying one condition to a semi-trusted proxy who can convert a ciphertext encrypted under the delegator’s public key into one that can be decrypted using the delegatee’s private key. We address the identity-based proxy re-encryption scheme, where the delegator and the delegatee request keys from a trusted party known as a key generator center (KGC), who generates private keys for delegator and delegatee based on their identities. Meanwhile, the identity-based conditional proxy re-encryption scheme satisfies the properties of PRE including unidirectionality, non-interactivity and multi-hop. Additionally, the identity-based conditional proxy re-encryption scheme is efficient in terms of both the communication cost and the computing cost, and can realize security secret sharing in cloud computing environments.

WeiDong Zhong,Xu An Wang,Ziqing Wang,Yi Ding

DOI: https://doi.org/10.1109/CIS.2011.217

2011-01-01

Abstract:Proxy re-encryption (PRE) allows a proxy to transform a cipher text for Alice (delegator) to be the one which can be decrypted by Bob (delegatee). Since it is introduced by Blaze et al. in 1998, many variants of PRE have been proposed. In this paper, we concentrate on two of them: anonymous conditional proxy re-encryption (ACPRE) and constrained proxy re-encryption with keyword search (PRES). Conditional proxy re-encryption (CPRE) is a primitive which only allows those cipher texts satisfying the condition can be re-encrypted correctly by the proxy. Anonymous conditional proxy re-encryption (ACPRE) requires the proxy not knowing which condition the cipher text associated with. PRES is a primitive which allows the proxy simultaneously re-encrypt and search the delegator's cipher text. Based on the PRES proposed by Shao et al., We show the definition of constrained proxy re-encryption with keyword search (CPRES), give its security models and discuss its potential applications. At last, based on a concrete ACPRE scheme, we construct a concrete CPRES scheme.

FENG Chaosheng,LUO Wangping,QIN Zhiguang,YUAN Ding,ZOU Liping

DOI: https://doi.org/10.11959/j.issn.1000-436x.2019127

2019-01-01

Abstract:A ideal proxy re-encryption scheme has five features,such as one-way encryption,non-interaction,repeatability,controllability and verifiability.The existing schemes,however,have only two or three of the five features,which reduces the utility of them to some extent.For this,a new ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) scheme with the above five features was proposed.In the proposed scheme,the cloud proxy server could only re-encrypt the ciphertext specified by the delegator by using the re-encryption key,and resist the collusion attack between the user and the proxy satisfying the re-encryption sharing policy.Most of encryption and decryption were outsourced to cloud servers so that it reduced the computing burden on the user’s client.The security analysis show that the proposed scheme resists the selective chosen plaintext attack (SCPA).

Song Luo,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1145/1866870.1866880

2010-01-01

Abstract:A proxy re-encryption (PRE) scheme involves three parties: Alice, Bob, and a proxy. PRE allows the proxy to translate a ciphertext encrypted under Alice's public key into one that can be decrypted by Bob's secret key. We present a general method to construct an identity-based proxy re-encryption scheme from an existing identity-based encryption scheme. The transformed scheme satisfies the properties of PRE, such as unidirectionality, non-interactivity and multi-use. Moreover, the proposed scheme has master key security, allows the encryptor to decide whether the ciphertext can be re-encrypted.