Abstract
Proxy re-encryption (PRE) is a public-key cryptography primitive that delegates the decryption capabilities of a user (called delegator) to another user (called delegatee) using a re-encryption key. A semi-trusted proxy uses the re-encryption key to transform a ciphertext under the delegator’s public key such that it becomes a ciphertext under the delegatee’s public key. If instead of “all”, a delegator wishes to delegate a subset of his decryption capabilities, there is a need for elevating the level of trust in the re-encrypting proxy. As a result, PRE in multi-proxy scenario has received significant research attention in recent times. In this paper, we introduce a new PRE primitive in a multi-proxy setting called Threshold Progressive Proxy Re-encryption (TP-PRE), that involves progressive transformation of ciphertext and results in production of a valid re-encrypted ciphertext if and only if at least t out of the total N distinct proxies perform re-encryption. The way these proxies are selected for re-encryption is significantly different from the existing threshold proxy cryptosystems. The TP-PRE scheme we present does not require prior knowledge about the available proxies. Proxies can take turn in any order to progressively transform the ciphertext and output of \(t{\mathrm{th}}\) transformation, or any transformation(s) afterward, is the final re-encrypted ciphertext that can be successfully decrypted by the intended delegatee to obtain the correct underlying plaintext. Unlike conventional threshold cryptosystems, TP-PRE does not have a share combination phase hence it does not require any central dealer. We formally define system model and security notions for TP-PRE. We present a concrete construction for TP-PRE that satisfies indistinguishability under chosen-plaintext attacks (IND-CPA) and formally prove its security. We analyze the performance of our construction by providing theoretical bounds of the solution along with the results of practical implementation.
Similar content being viewed by others
Notes
AWS cloud HSM. Managed hardware security module (HSM) on the AWS Cloud. https://aws.amazon.com/cloudhsm/.
References
Ateniese G, Hohenberger S (2005) Proxy re-signatures: new definitions, algorithms, and applications. In: Proceedings of the \(12{\text{th}}\) ACM conference on Computer and communications security, ACM, pp 310–319
Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur (TISSEC) 9(1):1–30
Bellafqira R, Coatrieux G, Bouslimi D, Quellec G, Cozic M (2017) Proxy re-encryption based on homomorphic encryption. In: Proceedings of the 33\({\text{ rd }}\) annual computer security applications conference, ACM, pp 154–161
Blaze M, Bleumer G, Strauss M (1998) Divertible protocols and atomic proxy cryptography. Advances in cryptology—EUROCRYPT’98, pp 127–144
Cao Z, Wang H, Zhao Y (2018) Ap-pre: autonomous path proxy re-encryption and its application. IEEE Trans Depend Secure Comput. https://doi.org/10.1109/TDSC.2017.2714166
Chandran N, Chase M, Liu FH, Nishimaki R, Xagawa K (2014) Re-encryption, functional re-encryption, and multi-hop re-encryption: a framework for achieving obfuscation-based security and instantiations from lattices. Proceedings of the \(17{\text{ th }}\) international conference on practice and theory in public-key cryptography (PKC’17), pp 95–112
Chen X, Liu Y, Harn L, Li Y, Yao G (2018a) Threshold proxy re-signature: definition and new constructions. J Chin Inst Eng 41(2):141–148
Chen X, Liu Y, Li Y, Lin C (2018b) Threshold proxy re-encryption and its application in blockchain. In: Sun X, Pan Z, Bertino E (eds) International conference on cloud computing and security. Springer International Publishing, Cham, pp 16–25
Dodis Y, Yampolskiy A (2005) A verifiable random function with short proofs and keys. In: Vaudenay S (ed) Public key cryptography—PKC 2005. Springer, Berlin, pp 416–431
Fournaris AP (2011) Distributed threshold cryptography certification with no trusted dealer. In: Proceedings of the 2011 international conference on security and cryptography, pp 400–404
Guo H, Zhang Z, Xu J, An N, Lan X (2018) Accountable proxy re-encryption for secure data sharing. IEEE Trans Depend Secure Comput. https://doi.org/10.1109/TDSC.2018.2877601
Guo H, Zhang Z, Xu J, An N (2019) Non-transferable proxy re-encryption. Comput J 62(4):490–506
He YJ, Chim TW, Hui LCK, Yiu SM (2010) Non-transferable proxy re-encryption scheme for data dissemination control. IACR Cryptol ePrint Arch 2010:192
Ivan AA, Dodis Y (2003) Proxy cryptography revisited. In: Proceedings of the network and distributed system security symposium (NDSSS)
Jakobsson M (1999) On quorum controlled asymmetric proxy re-encryption. In: Proceedings of the international workshop on public key cryptography (PKC’99), pp 632–632
Jen SM, Laih CS, Kuo WC (2009) A hop-count analysis scheme for avoiding wormhole attacks in manet. Sensors 9(6):5022–5039
Kim KS, Jeong IR (2016) Collusion-resistant unidirectional proxy re-encryption scheme from lattices. J Commun Netw 18(1):1–7
Lin HY (2015) Secure content distribution using multi-hop proxy re-encryption. Wirel Pers Commun 82(3):1449–1459
Lin HY, Tzeng WG (2012) A secure erasure code-based cloud storage system with secure data forwarding. IEEE Trans Parallel Distrib Syst 23(6):995–1003. https://doi.org/10.1109/TPDS.2011.252
Manzoor A, Liyanage M, Braeken A, Kanhere SS, Ylianttila M (2018) Blockchain based proxy re-encryption scheme for secure IOT data sharing. arXiv:181102276
Noack A, Spitz S (2009) Dynamic threshold cryptosystem without group manager. Netw Protoc Algorithms 1(1):108–121
Nuñez D, Agudo I, Lopez J (2017) Proxy re-encryption: analysis of constructions and its application to secure access delegation. J Netw Comput Appl 87:193–209
Pareek G, Purushothama BR (2020) Proxy re-encryption for fine-grained access control: its applicability, security under stronger notions and performance. J Inf Secur Appl 54:102543
Pareek G, Purushothama B (2017a) On efficient access control mechanisms in hierarchy using unidirectional and transitive proxy re-encryption schemes. In: SECRYPT, pp 519–524
Pareek G, Purushothama BR (2017b) Proxy visible re-encryption scheme with application to e-mail forwarding. In: Proceedings of the 10th international conference on security of information and networks SIN’17, pp 212–217
Pareek G, Purushothama BR (2018) Proxy re-encryption scheme for access control enforcement delegation on outsourced data in public cloud. In: Ganapathy V, Jaeger T, Shyamasundar R (eds) Information system security. Springer International Publishing, Cham, pp 251–271
Patil SM, Purushothama BR (2019) Rsa-based collusion resistant quorum controlled proxy re-encryption scheme for distributed secure communication. In: Fahrnberger G, Gopinathan S, Parida L (eds) Distributed computing and internet technology. Springer International Publishing, Cham, pp 349–363
Petrlic R (2012) Proxy re-encryption in a privacy-preserving cloud computing drm scheme. In: Xiang Y, Lopez J, Kuo CCJ, Zhou W (eds) Cyberspace safety and security. Springer, Berlin, pp 194–211
Qin Z, Xiong H, Wu S, Batamuliza J (2016) A survey of proxy re-encryption for secure data sharing in cloud computing. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.2016.2551238
Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613
Shao J, Liu P, Cao Z, Wei G (2011) Multi-use unidirectional proxy re-encryption. In: Proceedings of the 2011 IEEE international conference on communications (ICC), pp 1–5. https://doi.org/10.1109/icc.2011.5962455
Song YJ (2016) Threshold delegation scheme based on multi-proxy re-encryption. Int J Secur Appl 10(7):355–362
Stinson DR (2004) Combinatorial designs: constructions and analysis. Springer, New York. https://doi.org/10.1007/b97564
Tang F, Li H, Chang J (2015) Multi-hop unidirectional proxy re-encryption from multilinear maps. IEICE Trans Fundam Electron Commun Comput Sci E98.A(2):762–766
Wang XA, Ma J, Yang X (2015) A new proxy re-encryption scheme for protecting critical information systems. J Ambient Intell Humaniz Comput 6(6):699–711
Weng J, Chen M, Yang Y, Deng R, Chen K, Bao F (2010) Cca-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles. Sci China Inf Sci 53(3):593–606
Xiaodong Y, Caifen W (2010) Threshold proxy re-signature schemes in the standard model. Chin J Electron 19(2):345–350
Xiaodong Y, Caifen W, Lan C, Wang B (2011) Flexible threshold proxy re-signature schemes. Chin J Electron 20(4):691–696
Zeng P, Choo KKR (2018) A new kind of conditional proxy re-encryption for secure cloud storage. IEEE Access 6:70017–70024
Zhang M, Jiang Y, Mu Y, Susilo W (2017) Obfuscating re-encryption algorithm with flexible and controllable multi-hop on untrusted outsourcing server. IEEE Access 5:26419–26434
Patil SM, Purushothama BR (2020) Non-transitive and collusion resistant quorum controlled proxy re-encryption scheme for resource constrained networks. J Inf Appl 50:102411
Pareek G, Purushothama BR (2020) Proxy re-encryption for fine-grained access control: its applicability, security under stronger notions and performance. J Inf Secur Appl 54:102543
Bisalapur SS (2011) Design of an efficient neural key distribution centre. arXiv:1102.0486
Lippold G, Boyd C, Nieto JG (2009) Strongly secure certificateless key agreement. In: International conference on pairing-based cryptography, pp 206–230
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pareek, G., Purushothama, B.R. TP-PRE: threshold progressive proxy re-encryption, its definitions, construction and applications. J Ambient Intell Human Comput 12, 1943–1965 (2021). https://doi.org/10.1007/s12652-020-02285-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-020-02285-4