A Limited Proxy Re-encryption with Keyword Search for Data Access Control in Cloud Computing

  • Zhenhua Chen
  • Shundong Li
  • Yimin Guo
  • Yilei Wang
  • Yunjie Chu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8792)


In this paper, we introduce a new concept of limited proxy re-encryption with keyword search (LPREKS) for fine-grained data access control in cloud computing, which combines the function of limited proxy re-encryption (LPRE) and that of public key encryption with keyword search (PEKS). However, an LPREKS scheme cannot be obtained by directly combining those two schemes since the resulting scheme is no longer proven secure in our security model. Our scheme is proven semantically secure under the modified Bilinear Diffie-Hellman (mBDH) assumption and the q-Decisional Bilinear Diffie-Hellman inversion (q-DBDHI) assumption in the random oracle model.

Our proposal realizes three desired situations as follows: (1) the proxy cloud server can re-encrypt the delegated data containing some keyword which matches the trapdoor from delegatee, (2) the proxy can only re-encrypt a limited number of delegated data to the delegatee; otherwise, the private key of the proxy will be exposed, and (3) the proxy cloud server learns nothing about the contents of data and keyword.


Limited proxy re-encryption Keyword search Data access control Cloud computing 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. 2.
    Khurana, H., Heo, J., Pant, M.: From proxy encryption primitives to a deployable secure-mailing-list solution. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 260–281. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 89–106. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: Proceedings in NDSS 2005, pp. 1–15 (2005)Google Scholar
  5. 5.
    Ivan, A., Dodis, Y.: Proxy cryptography revisited. In: Proceedings in NDSS 2003, pp. 1–20 (2003)Google Scholar
  6. 6.
    Tang, Q.: Type-based proxy re-encryption and its construction. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 130–144. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. 7.
    Weng, J., Deng, R.H., Chu, C., Ding, X., Lai, J.: Conditional proxy re-encryption secure against chosen-ciphertext attack. In: Proceeding in ACM ASIACCS 2009, pp. 322–332 (2009)Google Scholar
  8. 8.
    Shao, J., Cao, Z., Liang, X., Lin, H.: Proxy re-encryption with keyword search. Information Sciences 180(13), 2576–2587 (2010)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Wang, X.A., Wang, Z., Ding, Y., Bai, S.: k-times proxy re-encryption. In: Proceeding in CIS 2011, pp. 949–953 (2010)Google Scholar
  12. 12.
    Purushothama, B.R., Shrinath, B., Amberker, B.B.: Secure cloud storage service and limited proxy re-encryption for enforcing access control in public cloud. International Journal of Information and Communication Technology 5(2), 167–186 (2013)CrossRefGoogle Scholar
  13. 13.
    Hwang, J., Lee, D., Lim, J.: Digital signature scheme with restriction on signing capability. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 324–335. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Choi, C., Kim, Z., Kim, K.: Schnorr signature scheme with restricted signing capability and its application. In: Proceeding in CSS 2003 (2003)Google Scholar
  15. 15.
    Shamir, A.: How to share a secret. Communications of the Association for Computing Machinery 33(3), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: ACM CCS 2007, Full version: Cryptology ePrint Archieve: Report 2007/171 (2007)Google Scholar
  17. 17.
    Horowitz, E., Sahani, S., Rajasekaran, S.: Fundamentals of computer algorithms. Universities Press, Hyderabad (2007)Google Scholar
  18. 18.
    Dodis, Y., Yampolskiy, A.: A verifiable random function with short proofs and keys. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 416–431. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Zhenhua Chen
    • 1
    • 2
  • Shundong Li
    • 1
  • Yimin Guo
    • 1
  • Yilei Wang
    • 3
  • Yunjie Chu
    • 4
  1. 1.School of Computer ScienceShaanxi Normal UniversityXi’anChina
  2. 2.School of Computer Science and TechnologyXi’an University of Science and TechnologyXi’anChina
  3. 3.School of Computer Science and TechnologyShandong UniversityJinanChina
  4. 4.Wuhan Bioengineering InstituteWuhanChina

Personalised recommendations