Abstract
Cloud is an emerging computing paradigm. It has drawn extensive attention from both academia and industry. But its security issues have been considered as a critical obstacle in its rapid development. When data owners store their data as plaintext in cloud, they lose the security of their cloud data due to the arbitrary accessibility, specially accessed by the un-trusted cloud. In order to protect the confidentiality of data owners’ cloud data, a promising idea is to encrypt data by data owners before storing them in cloud. However, the straightforward employment of the traditional encryption algorithms can not solve the problem well, since it is hard for data owners to manage their private keys, if they want to securely share their cloud data with others in a fine-grained manner. In this paper, we propose a fine-grained and heterogeneous proxy re-encryption (FH-PRE) system to protect the confidentiality of data owners’ cloud data. By applying the FH-PRE system in cloud, data owners’ cloud data can be securely stored in cloud and shared in a fine-grained manner. Moreover, the heterogeneity support makes our FH-PRE system more efficient than the previous work. Additionally, it provides the secure data sharing between two heterogeneous cloud systems, which are equipped with different cryptographic primitives.
Similar content being viewed by others
References
Kaufman LM (2009) Data security in the world of cloud computing. IEEE Secur Priv 7:61–64
Almorsy M, Grundy J, Müller I (2010) An analysis of the cloud computing security problem. In: The Proceedings of the 2010 Asia Pacific cloud workshop co-located with APSEC2010, IEEE, pp 1–6
Blaze M, Bleumer G, Strauss M (1998) Divertible protocols and atomic proxy cryptography. In: Nyberg K (ed) EUROCRYPT 1998, LNCS, Springer, Heidelberg, 1403, pp 127–144
Ibraimi L, Tang Q, Hartel P et al (2008) A type-and-identity-based proxy re-encryption scheme and its application in healthcare. In: Secure Data Management 2008, LNCS, Springer, Heidelberg, 5159, pp 185–198
Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Joe K (ed) CRYPTO 2001, LNCS, Springer, Heidelberg, 2139, pp 213–229
Boldyreva A, Marc F, Palacio A et al (2007) A closer look at PKI: security and efficiency. In: Okamoto T, Wang X (eds) PKC 2007, LNCS, Springer, Heidelberg, 4450, pp 458–475
Fujisaki E, Pointcheval D, Stern J (2004) RSA-OAEP is secure under the RSA assumption. J Cryptol 17:81–104
Zhou L, Marsh MA, Schneider FB et al (2005) Distributed blinding for ElGamal re-encryption. In: ICDCS 2005, IEEE, pp 824–824
Wang XY, Hui LCK, Chow KP et al (2000) The differential cryptanalysis of an AES finalist-serpent. Technical Report, HKU CSIS Technical Report TR-2000-04
Kurosawa K, Desmedt Y (2004) A new paradigm of hybrid encryption scheme. In: Franklin M (ed) CRYPTO 2004, LNCS, Springer, Heidelberg, 3152, pp 345–359
Kamara S, Lauter K (2010) Cryptographic cloud storage. In: Sion R (ed) FC 2010, LNCS, Springer, Heidelberg, 6054, pp 136–149
Barreto PSLM, Kim HY, Lynn B et al (2002) Efficient algorithms for pairing-based cryptosystems. In: Yung M (ed) CRYPTO 2002, LNCS, Springer, Heidelberg, 2442, pp 354–369
Mambo M, Okamoto E (1997) Proxy cryptosystems: delegation of the power to decrypt ciphertexts. IEICE Trans Fundam Electron Commun Comput Sci E 80–A:54–63
Jakobsson M (1999) On quorum controlled asymmetric proxy re-encryption. In: Markus J (ed) PKC 99, LNCS, Springer, Heidelberg, 1560, pp 112–121
Ivan A, Dodis Y (2003) Proxy cryptography revisited. In: Proceedings of the tenth network and distributed system security symposium, IEEE, pp 514–532
Ateniese G, Fu K, Green M et al (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur (TISSEC) 9:1–30
Shamir A (1985) Identity-based cryptosystems and signature schemes. In: George R, David C (eds) CRYPTO 1984, LNCS, Springer, Heidelberg, 196, pp 47–53
Matsuo T (2007) Proxy re-encryption systems for identity-based encryption. In: Takagi T, Okamoto T, Okamoto E et al (eds) Pairing 2007, LNCS, Springer, Heidelberg, 4575, pp 247–267
Green M, Ateniese G (2007) Identity-based proxy re-encryption. In: Katz J, Yung M (eds) Applied cryptography and network security 2007, LNCS, Springer, Heidelberg, 4521, pp 288–306
Boneh D, Boyen X (2004) Efficient selective-ID secure identity-based encryption without random oracles. In: Christian C, Jan L (eds) EUROCRYPT 2004, LNCS, Springer, Heidelberg, 3027, pp 223–238
Chu CK, Tzeng WG (2007) Identity-based proxy re-encryption without random oracles. In: ISC 2007, LNCS, Springer, Heidelberg, 4779, pp 189–202
Xu L, Wu X, Zhang X (2012) CL-PRE: A certificateless proxy re-encryption scheme for secure data sharing with public cloud. In: Proceedings of the 7th ACM symposium on information, computer and communications security. ACM, pp 87–88
Tang Q (2008) Type-based proxy re-encryption and its construction. In: INDOCRYPT 2008, LNCS, Springer, Heidelberg, 5365, pp 130–144
Weng J, Deng RH, Ding X et al (2009) Conditional proxy re-encryption secure against chosen-ciphertext attack. In: ASIACCS 2009, ACM, pp 322–332
Weng J, Yang Y, Tang Q et al (2009) Efficient conditional proxy re-encryption with chosen-ciphertext security. In: Information Security 2009, LNCS, Springer, Heidelberg, 5735, pp 151–166
Chu CK, Weng J, Chow S et al (2009) Conditional proxy broadcast re-encryption. In: Information security and privacy 2009, LNCS, Springer, Heidelberg, 5594, pp 327–342
Fang L, Susilo W, Wang J (2009) Anonymous conditional proxy re-encryption without random oracle. In: ProvSec 2009, LNCA, Springer, Heidelberg, 5848, pp 47–60
Liang K, Liu Z, Tan X et al (2012) A CCA-secure identity-based conditional proxy re-encryption without random oracles. In: ICISC 2012, LNCS, Springer, Heidelberg, 7839, pp 231–246
Shao J, Wei G, Ling Y et al (2011) Identity-based conditional proxy re-encryption. In: ICC 2011, IEEE, pp 1–5
Liang KT, Huang Q, Schlegel R et al (2013) A conditional proxy broadcast re-encryption scheme supporting timed-release. In: ISPEC 2013. LNCS, Springer, Heidelberg, 7863, pp 132–146
Acknowledgments
We would like to thank Dr. Wei Wang for helpful suggestions. The first author was partly supported by the National Natural Science Foundation of China (61100222). All authors are partly supported by the National Basic Research Program of China (2014CB340600).
Author information
Authors and Affiliations
Corresponding author
Additional information
SPECIAL TOPIC: Network and Information Security
About this article
Cite this article
Xu, P., Chen, H., Zou, D. et al. Fine-grained and heterogeneous proxy re-encryption for secure cloud storage. Chin. Sci. Bull. 59, 4201–4209 (2014). https://doi.org/10.1007/s11434-014-0521-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11434-014-0521-1