A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing

Kaitai Liang, Man Ho Au, Joseph K. Liu, Willy Susilo, Duncan S. Wong, Guomin Yang, Yong Yu, Anjia Yang

Research output: Contribution to journalArticleResearchpeer-review

98 Citations (Scopus)

Abstract

Proxy Re-Encryption (PRE) is a useful cryptographic primitive that allows a data owner to delegate the access rights of the encrypted data stored on a cloud storage system to others without leaking the information of the data to the honest-but-curious cloud server. It provides effectiveness for data sharing as the data owner even using limited resource devices (e.g. mobile devices) can offload most of the computational operations to the cloud. Since its introduction many variants of PRE have been proposed. A Ciphertext-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE), which is regarded as a general notion for PRE, employs the PRE technology in the attribute-based encryption cryptographic setting such that the proxy is allowed to convert an encryption under an access policy to another encryption under a new access policy. CP-ABPRE is applicable to many network applications, such as network data sharing. The existing CP-ABPRE systems, however, leave how to achieve adaptive CCA security as an interesting open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle the problem by integrating the dual system encryption technology with selective proof technique. Although the new scheme supporting any monotonic access structures is built in the composite order bilinear group, it is proven adaptively CCA secure in the standard model without jeopardizing the expressiveness of access policy. We further make an improvement for the scheme to achieve more efficiency in the re-encryption key generation and re-encryption phases.
Original languageEnglish
Pages (from-to)95-108
Number of pages14
JournalFuture Generation Computer Systems
Volume52
DOIs
Publication statusPublished - Nov 2015
Externally publishedYes

Keywords

  • Ciphertext-policy attribute-based encryption
  • Ciphertext-policy attribute-based proxy re-encryption
  • Adaptive chosen-ciphertext security

Cite this