Towards a Secure Certificateless Proxy Re-Encryption Scheme
Proxy re-encryption (PRE) is an attractive paradigm, which gives good solutions to the problem of delegation of decryption rights. In proxy re-encryption, a semi-trusted proxy translates a ciphertext for Alice into a ciphertext of the same plaintext for Bob, without learning any information of the underlying message. As far as we know, previous PRE schemes are mainly in traditional public key infrastructure or identity-based cryptography, thus they suffer from certificate management problem or key escrow problem in practice. In order to solve these practical problems, we aim at constructing certificateless proxy re-encryption (CL-PRE) schemes.
In this paper, we first introduce a security definition against (replayable) chosen ciphertext attack (CCA) for certificateless proxy re-encryption. In our security model, the adversary is allowed to adaptively corrupt users (in a specific pattern). Then, we give some evidence that it is not easy to construct a secure CL-PRE. Actually, we present an attack to the chosen plaintext secure CL-PRE scheme proposed by Xu et al. . We also show a novel generic construction for certificateless public key encryption (CL-PKE) can not be trivially adapted to CL-PRE by giving an attack to this generic construction. Finally, we present an efficient CL-PRE scheme and prove its security in the random oracle model based on well-known assumptions.
Unable to display preview. Download preview PDF.
- 1.Xu, L., Wu, X., Zhang, X.: Cl-pre: a certificateless proxy re-encryption scheme for secure data sharing with public cloud. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ASIACCS 2012, pp. 87–88. ACM (2012)Google Scholar
- 3.Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 185–194. ACM (2007)Google Scholar
- 5.Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, pp. 261–270. ACM (2010)Google Scholar
- 6.Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 131–143 (2013)Google Scholar
- 10.Liang, X., Cao, Z., Lin, H., Shao, J.: Attribute based proxy re-encryption with delegating capabilities. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 276–286. ACM (2009)Google Scholar
- 28.Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 273–283. ACM (2007)Google Scholar
- 29.Chow, S.S.M.: Certificateless Encryption. In: Identity-Based Cryptography. IOS, pp. 135–155 (2008)Google Scholar