Abstract
Cloud-based data sharing addresses the limited storage availability problem for resource-constrained users albeit at the cost of privacy and the need for access control mechanism. However, most of the techniques for secure data sharing with high access control are computationally intensive. Proxy re-encryption scheme is computationally light and provides secure cloud-based data sharing. Proxy re-encryption has a single semi-trust proxy for all intermediate re-encryption processes, which makes it a single point of failure and vulnerable to several attacks. In this paper, we propose, PB-TPRE, a threshold proxy re-encryption with the proactive property. The shares of re-encryption keys are sent to all proxies using shamir secret sharing. The shares may be leaked with passage of time or whenever any proxy leaves or joins the network, then, the secret needs to be change. The proactive property in threshold proxy re-encryption helps renew the shares without changing the secret. PB-TPRE scheme is collusion resistant against the proxies, users and cloud. We present a concrete construction for PB-TPRE that satisfies indistinguishability under chosen-plaintext attacks with a random oracle model and formally proves its security. We compared and discussed PB-TPRE scheme with other threshold proxy re-encryption schemes and found it to be efficient and secure for cloud-based data sharing applications.
Similar content being viewed by others
Data availibility statement
Not applicable
Change history
06 May 2023
A Correction to this paper has been published: https://doi.org/10.1007/s11227-023-05343-8
References
Feng W, Zhang Z, Wang J, Han L (2016) A novel authorization delegation scheme for multimedia social networks by using proxy re-encryption. Multimed Tools Appl 75:13995–14014
Tiwari D, Gangadharan GR, Ma M (2016) Secure delegation of services through proxy signature with revocation. Int J Trust Manag Comput Commun 3(4):291–318
Muthukumaran V, Ezhilmaran D (2020) A cloud-assisted proxy re-encryption scheme for efficient data sharing across IOT systems. Int J Inform Technol Web Eng (IJITWE) 15(4):18–36
Wang XA, Xhafa F, Ma J, Zheng Z (2019) Controlled secure social cloud data sharing based on a novel identity based proxy re-encryption plus scheme. J Parallel Distri Comput 130:153–165
Bhatia T, Verma AK, Sharma G (2018) Secure sharing of mobile personal healthcare records using certificateless proxy re-encryption in cloud. Trans Emerg Telecommun Technol 29(6):e3309
Wang XA, Ma J, Xhafa F, Zhang M, Luo X (2017) Cost-effective secure E-health cloud system using identity based cryptographic techniques. Future Gen Comput Syst 67:242–254
Zhang J, Bai W, Wang Y (2019) Non-interactive ID-based proxy re-signature scheme for IoT based on mobile edge computing. IEEE Access 7:37865–37875
Chen Y R, Tygar JD, Tzeng WG (2011) Secure group key management using uni-directional proxy re-encryption schemes. In: 2011 Proceedings IEEE INFOCOM (pp. 1952-1960). IEEE
Lin HY, Tzeng WG (2011) A secure erasure code-based cloud storage system with secure data forwarding. IEEE Trans Parallel Distrib Syst 23(6):995–1003
Zhang J, Wang XA, Ding Y, Yang X (2013) On the security of two multi-use CCA-secure proxy re-encryption schemes. Int J Intell Inform Database Syst 7(5):422–440
Wang XA, Xhafa F, Ma J, Barolli L, Ge Y (2018) PRE+: dual of proxy re-encryption for secure cloud data sharing service. Int J Web Grid Services 14(1):44–69
Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613
Herzberg A, Jarecki S, Krawczyk H, Yung M (1995) Proactive secret sharing or: how to cope with perpetual leakage. In: Advances in cryptology-CRYPT0’95: 15th annual international cryptology conference santa barbara, California, USA, August 27–31 (1995) Proceedings 15. Springer, Berlin Heidelberg, pp 339–352
Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inform Syst Security (TISSEC) 9(1):1–30
Chen X, Liu Y, Li Y, Lin C (2018) Threshold proxy re-encryption and its application in blockchain. In: Cloud computing and security: 4th international conference, ICCCS 2018, Haikou, China, June 8–10 (2018) Revised Selected Papers, Part IV 4 (pp 16–25). Springer International Publishing
Jakobsson M (1999) On quorum controlled asymmetric proxy re-encryption. In Public key cryptography: second international workshop on practice and theory in public key cryptography, PKC’99 Kamakura, Japan, March 1–3 (1999) Proceedings 2. Springer, Berlin Heidelberg, pp 112–121
Song YJ (2016) Threshold delegation scheme based on multi-proxy re-encryption. Int J Security Appl 10(7):355–362
Li Z, Ma C, Wang D (2017) Achieving multi-hop PRE via branching program. IEEE Trans Cloud Comput 8(1):45–58
Luo F, Al-Kuwari S, Susilo W, Duong DH (2020) Chosen-ciphertext secure homomorphic proxy re-encryption. IEEE Trans Cloud Comput 10(4):2398–2408
Patil SM, Purushothama BR (2019) Rsa-based collusion resistant quorum controlled proxy re-encryption scheme for distributed secure communication. In: Distributed computing and internet technology: 15th international conference, ICDCIT 2019, Bhubaneswar, India, January 10-13, 2019, Proceedings 15 (pp 349-363). Springer International Publishing
Patil SM, Purushothama BR (2020) Non-transitive and collusion resistant quorum controlled proxy re-encryption scheme for resource constrained networks. J Inform Security Appl 50:102411
Pareek G, Purushothama BR (2021) TP-PRE: threshold progressive proxy re-encryption, its definitions, construction and applications. J Ambient Intell Humanized Comput 12(2):1943–1965
Geer DE, Yung M (2003) Split-and-delegate: threshold cryptography for the masses. In: Financial cryptography: 6th international conference, FC (2002) Southampton, Bermuda, March 2002 Revised Papers 6. Springer, Berlin Heidelberg, pp 220–237
Fournaris AP (2011) Distributed threshold cryptography certification with no trusted dealer. In: Proceedings of the international conference on security and cryptography (pp 400-404). IEEE
Li Y, Ma J, Miao Y, Wang Y, Yang T, Liu X, Choo KKR (2020) Traceable and controllable encrypted cloud image search in multi-user settings. IEEE Trans Cloud Comput 10(4):2936–2948
Xu P, Jiao T, Wu Q, Wang W, Jin H (2015) Conditional identity-based broadcast proxy re-encryption and its application to cloud email. IEEE Trans Comput 65(1):66–79
Huang Q, Yang Y, Fu J (2018) Secure data group sharing and dissemination with attribute and time conditions in public cloud. IEEE Trans Services Comput 14(4):1013–1025
Lin HY (2015) Secure content distribution using multi-hop proxy re-encryption. Wireless Personal Commun 82:1449–1459
Li Z, Ma C, Wang D (2017) Towards multi-hop homomorphic identity-based proxy re-encryption via branching program. IEEE Access 5:16214–16228
Gu K, Wang Y, Wen S (2017) Traceable threshold proxy signature. J Inform Sci Eng, 33(1)
Chen X, Liu Y, Harn L, Li Y, Yao G (2018) Threshold proxy re-signature: definition and new constructions. J Chinese Inst Eng 41(2):141–148
Wang Q, Lai C, Lu R, Zheng D (2021) Searchable encryption with autonomous path delegation function and its application in healthcare cloud. IEEE Trans Cloud Comput
Bleichenbacher D (1998) Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS 1. In: Advances in cryptology-CRYPTO’98: 18th annual international cryptology conference santa barbara, California, USA August 23–27 (1998) Proceedings 18. Springer, Berlin Heidelberg, pp 1–12
Pang LJ, Wang YM (2005) A new (t, n) multi-secret sharing scheme based on Shamir’s secret sharing. Appl Math Comput 167(2):840–848
Funding
No funding was received for conducting this study.
Author information
Authors and Affiliations
Contributions
Author proposed the methods and evaluate the results.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no competing interests.
Ethical approval
Not applicable.
Consent to publication
The authors have no conflicts of interest to declare that are relevant to the content of this article.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
The original online version of this article was revised: In this article the affiliation details for Raghav and Nitish Andola were assigned wrongly. Raghav belongs to affiliation 1 “Department of Information Technology, Indian Institute of Information Technology Allahabad, Prayagraj, India” and Nitish Andola belongs to affiliation 2 “Thapar Institute of Engineering and Technology (TIET), Patiala, India” The original article has been corrected.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Raghav, Andola, N., Verma, K. et al. Proactive threshold-proxy re-encryption scheme for secure data sharing on cloud. J Supercomput 79, 14117–14145 (2023). https://doi.org/10.1007/s11227-023-05221-3
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-023-05221-3