Asymmetric cross-cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data

Hua Deng, Qianghong Wu, Bo Qin, Willy Susilo, Joseph Liu, Wenchang Shi

Research output: Chapter in Book/Report/Conference proceeding > Conference Paper > Research > peer-review

Abstract

With the increasing development of pervasive computing and wireless bandwidth communication, more mobile devices are used to access sensitive data stored in remote servers. In such applications, a practical issue emerges: how to exploit the sufficient resource of a server so that the file owners can enforce fine-grained access control over the remotely stored files, while enabling resource-limited mobile devices to easily access the protected data, especially if the storage server maintained by a third party is untrusted. This challenge mainly arises from the asymmetric capacity among the participants, i.e., the capacity-limited mobile devices and the resource-abundant server (and file owners equipped with fixed computers). To meet the security requirements in mobile access to sensitive data, we propose a new encryption paradigm, referred to as asymmetric cross-cryptosystem re-encryption (ACCRE), by leveraging the asymmetric capacity of the participants. In ACCRE, relatively light-weight identity-based encryption (IBE) is deployed in mobile devices, while resource-consuming but versatile identity-based broadcast encryption (IBBE) is deployed in servers and fixed computers of the file owners. The core of ACCRE is a novel ciphertext conversion mechanism that allows an authorized proxy to convert a complicated IBBE ciphertext into a simple IBE ciphertext affordable to mobile devices, without leaking any sensitive information to the proxy. Following this paradigm, we propose an efficient ACCRE scheme with its security formally reduced to the security of the underlying IBE and IBBE schemes. Thorough theoretical analyses and extensive experiments confirm that the scheme takes very small cost for mobile devices to access encrypted data and is practical to secure mobile computing applications.
Original language: English
Title of host publication: ASIACCS'15 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security
Editors: Jianying Zhou, Gail-Joon Ahn
Place of Publication: New York NY USA
Publisher: Association for Computing Machinery (ACM)
Pages: 393 - 404
Number of pages: 12
ISBN (Print): 9781450332453
DOIs: https://doi.org/10.1145/2714576.2714632
Publication status: Published - 2015
Externally published: Yes
Event: ACM Symposium on Information, Computer and Communications Security 2015 - Singapore, Singapore
Duration: 14 Apr 2015 to 17 Apr 2015
Conference number: 10th

Conference

Conference: ACM Symposium on Information, Computer and Communications Security 2015
Abbreviated title: ASIACCS 2015
Country: Singapore
City: Singapore
Period: 14/04/15 to 17/04/15

Keywords

  • Data Security
  • Identity-based broadcast encryption
  • Identity-based encryption
  • Proxy re-encryption

Cite this

Deng, H., Wu, Q., Qin, B., Susilo, W., Liu, J., & Shi, W. (2015). Asymmetric cross-cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data. In J. Zhou, & G-J. Ahn (Eds.), ASIACCS'15 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (pp. 393 - 404). New York NY USA: Association for Computing Machinery (ACM). https://doi.org/10.1145/2714576.2714632
@inproceedings{e9c64e3b15544c68bb30bde2f8df7981,
title = "Asymmetric cross-cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data",
keywords = "Data Security, Identity-based broadcast encryption, Identity-based encryption, Proxy re-encryption",
author = "Hua Deng and Qianghong Wu and Bo Qin and Willy Susilo and Joseph Liu and Wenchang Shi",
year = "2015",
doi = "10.1145/2714576.2714632",
language = "English",
isbn = "9781450332453",
pages = "393 -- 404",
editor = "Jianying Zhou and Gail-Joon Ahn",
booktitle = "ASIACCS'15 - Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security",
publisher = "Association for Computing Machinery (ACM)",
address = "United States",

}
