An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing

Kaitai Alexander Liang; Joseph K. Liu; Duncan S. Wong; Willy Susilo

doi:10.1007/978-3-319-11203-9_15

An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing

Kaitai Alexander Liang, Joseph K. Liu, Duncan S. Wong, Willy Susilo

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

144 Citations (Scopus)

Abstract

Identity-based encryption (IBE) eliminates the necessity of having a costly certificate verification process. However, revocation remains as a daunting task in terms of ciphertext update and key update phases. In this paper, we provide an affirmative solution to solve the efficiency problem incurred by revocation. We propose the first cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation but also delegation of decryption rights. No matter a user is revoked or not, at the end of a given time period the cloud acting as a proxy will re-encrypt all ciphertexts of the user under the current time period to the next time period. If the user is revoked in the forthcoming time period, he cannot decrypt the ciphertexts by using the expired private key anymore. comparing to some naive solutions which require a private key generator (PKG) to interact with non-revoked users in each time period, the new scheme provides definite advantages in terms of communication and computation efficiency.

Original language	English
Title of host publication	Computer Security - ESORICS 2014
Subtitle of host publication	19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II
Editors	Miroslaw Kutylowski, Jaideep Vaidya
Place of Publication	Heidelberg Germany
Publisher	Springer
Pages	257-272
Number of pages	16
ISBN (Electronic)	9783319112039
ISBN (Print)	9783319112022
DOIs	https://doi.org/10.1007/978-3-319-11203-9_15
Publication status	Published - 2014
Externally published	Yes
Event	European Symposium On Research In Computer Security 2014 - Wroclaw University of Technology, Wroclaw, Poland Duration: 7 Sept 2014 → 11 Sept 2014 Conference number: 19th https://esorics2014.pwr.wroc.pl/ https://link.springer.com/book/10.1007/978-3-319-11203-9 (Proceedings)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	8712
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	European Symposium On Research In Computer Security 2014
Abbreviated title	ESORICS 2014
Country/Territory	Poland
City	Wroclaw
Period	7/09/14 → 11/09/14
Internet address	https://esorics2014.pwr.wroc.pl/ https://link.springer.com/book/10.1007/978-3-319-11203-9 (Proceedings)

Keywords

Revocable identity-based encryption
cloud-based revocable identity-based proxy re-encryption
standard model

Access to Document

10.1007/978-3-319-11203-9_15

Cite this

Liang, K. A., Liu, J. K., Wong, D. S., & Susilo, W. (2014). An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In M. Kutylowski, & J. Vaidya (Eds.), Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II (pp. 257-272). (Lecture Notes in Computer Science; Vol. 8712). Springer. https://doi.org/10.1007/978-3-319-11203-9_15

Liang, Kaitai Alexander ; Liu, Joseph K. ; Wong, Duncan S. et al. / An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II. editor / Miroslaw Kutylowski ; Jaideep Vaidya. Heidelberg Germany : Springer, 2014. pp. 257-272 (Lecture Notes in Computer Science).

@inproceedings{dcdd20ecc8d04869835bc75ca7c9b753,

title = "An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing",

abstract = "Identity-based encryption (IBE) eliminates the necessity of having a costly certificate verification process. However, revocation remains as a daunting task in terms of ciphertext update and key update phases. In this paper, we provide an affirmative solution to solve the efficiency problem incurred by revocation. We propose the first cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation but also delegation of decryption rights. No matter a user is revoked or not, at the end of a given time period the cloud acting as a proxy will re-encrypt all ciphertexts of the user under the current time period to the next time period. If the user is revoked in the forthcoming time period, he cannot decrypt the ciphertexts by using the expired private key anymore. comparing to some naive solutions which require a private key generator (PKG) to interact with non-revoked users in each time period, the new scheme provides definite advantages in terms of communication and computation efficiency.",

keywords = "Revocable identity-based encryption, cloud-based revocable identity-based proxy re-encryption, standard model",

author = "Liang, {Kaitai Alexander} and Liu, {Joseph K.} and Wong, {Duncan S.} and Willy Susilo",

year = "2014",

doi = "10.1007/978-3-319-11203-9_15",

language = "English",

isbn = "9783319112022",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "257--272",

editor = "Miroslaw Kutylowski and Jaideep Vaidya",

booktitle = "Computer Security - ESORICS 2014",

note = "European Symposium On Research In Computer Security 2014, ESORICS 2014 ; Conference date: 07-09-2014 Through 11-09-2014",

url = "https://esorics2014.pwr.wroc.pl/, https://link.springer.com/book/10.1007/978-3-319-11203-9",

}

Liang, KA, Liu, JK, Wong, DS & Susilo, W 2014, An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. in M Kutylowski & J Vaidya (eds), Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II. Lecture Notes in Computer Science, vol. 8712, Springer, Heidelberg Germany, pp. 257-272, European Symposium On Research In Computer Security 2014, Wroclaw, Poland, 7/09/14. https://doi.org/10.1007/978-3-319-11203-9_15

An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. / Liang, Kaitai Alexander; Liu, Joseph K.; Wong, Duncan S. et al.
Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II. ed. / Miroslaw Kutylowski; Jaideep Vaidya. Heidelberg Germany: Springer, 2014. p. 257-272 (Lecture Notes in Computer Science; Vol. 8712).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing

AU - Liang, Kaitai Alexander

AU - Liu, Joseph K.

AU - Wong, Duncan S.

AU - Susilo, Willy

N1 - Conference code: 19th

PY - 2014

Y1 - 2014

N2 - Identity-based encryption (IBE) eliminates the necessity of having a costly certificate verification process. However, revocation remains as a daunting task in terms of ciphertext update and key update phases. In this paper, we provide an affirmative solution to solve the efficiency problem incurred by revocation. We propose the first cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation but also delegation of decryption rights. No matter a user is revoked or not, at the end of a given time period the cloud acting as a proxy will re-encrypt all ciphertexts of the user under the current time period to the next time period. If the user is revoked in the forthcoming time period, he cannot decrypt the ciphertexts by using the expired private key anymore. comparing to some naive solutions which require a private key generator (PKG) to interact with non-revoked users in each time period, the new scheme provides definite advantages in terms of communication and computation efficiency.

AB - Identity-based encryption (IBE) eliminates the necessity of having a costly certificate verification process. However, revocation remains as a daunting task in terms of ciphertext update and key update phases. In this paper, we provide an affirmative solution to solve the efficiency problem incurred by revocation. We propose the first cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation but also delegation of decryption rights. No matter a user is revoked or not, at the end of a given time period the cloud acting as a proxy will re-encrypt all ciphertexts of the user under the current time period to the next time period. If the user is revoked in the forthcoming time period, he cannot decrypt the ciphertexts by using the expired private key anymore. comparing to some naive solutions which require a private key generator (PKG) to interact with non-revoked users in each time period, the new scheme provides definite advantages in terms of communication and computation efficiency.

KW - Revocable identity-based encryption

KW - cloud-based revocable identity-based proxy re-encryption

KW - standard model

U2 - 10.1007/978-3-319-11203-9_15

DO - 10.1007/978-3-319-11203-9_15

M3 - Conference Paper

SN - 9783319112022

T3 - Lecture Notes in Computer Science

SP - 257

EP - 272

BT - Computer Security - ESORICS 2014

A2 - Kutylowski, Miroslaw

A2 - Vaidya, Jaideep

PB - Springer

CY - Heidelberg Germany

T2 - European Symposium On Research In Computer Security 2014

Y2 - 7 September 2014 through 11 September 2014

ER -

Liang KA, Liu JK, Wong DS, Susilo W. An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In Kutylowski M, Vaidya J, editors, Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II. Heidelberg Germany: Springer. 2014. p. 257-272. (Lecture Notes in Computer Science). doi: 10.1007/978-3-319-11203-9_15