Advertisement

Towards a Secure Certificateless Proxy Re-Encryption Scheme

  • Hui Guo
  • Zhenfeng Zhang
  • Jiang Zhang
  • Cheng Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8209)

Abstract

Proxy re-encryption (PRE) is an attractive paradigm, which gives good solutions to the problem of delegation of decryption rights. In proxy re-encryption, a semi-trusted proxy translates a ciphertext for Alice into a ciphertext of the same plaintext for Bob, without learning any information of the underlying message. As far as we know, previous PRE schemes are mainly in traditional public key infrastructure or identity-based cryptography, thus they suffer from certificate management problem or key escrow problem in practice. In order to solve these practical problems, we aim at constructing certificateless proxy re-encryption (CL-PRE) schemes.

In this paper, we first introduce a security definition against (replayable) chosen ciphertext attack (CCA) for certificateless proxy re-encryption. In our security model, the adversary is allowed to adaptively corrupt users (in a specific pattern). Then, we give some evidence that it is not easy to construct a secure CL-PRE. Actually, we present an attack to the chosen plaintext secure CL-PRE scheme proposed by Xu et al. [1]. We also show a novel generic construction for certificateless public key encryption (CL-PKE) can not be trivially adapted to CL-PRE by giving an attack to this generic construction. Finally, we present an efficient CL-PRE scheme and prove its security in the random oracle model based on well-known assumptions.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Xu, L., Wu, X., Zhang, X.: Cl-pre: a certificateless proxy re-encryption scheme for secure data sharing with public cloud. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ASIACCS 2012, pp. 87–88. ACM (2012)Google Scholar
  2. 2.
    Blaze, M., Bleumer, G., Strauss, M.J.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  3. 3.
    Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 185–194. ACM (2007)Google Scholar
  4. 4.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security (TISSEC) 9, 1–30 (2006)CrossRefGoogle Scholar
  5. 5.
    Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, pp. 261–270. ACM (2010)Google Scholar
  6. 6.
    Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 131–143 (2013)Google Scholar
  7. 7.
    Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 360–379. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Chu, C.-K., Tzeng, W.-G.: Identity-based proxy re-encryption without random oracles. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 189–202. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Liang, X., Cao, Z., Lin, H., Shao, J.: Attribute based proxy re-encryption with delegating capabilities. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 276–286. ACM (2009)Google Scholar
  11. 11.
    Luo, S., Hu, J., Chen, Z.: Ciphertext policy attribute-based proxy re-encryption. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 401–415. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Baek, J., Safavi-Naini, R., Susilo, W.: Certificateless public key encryption without pairing. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 134–148. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Libert, B., Quisquater, J.-J.: On constructing certificateless cryptosystems from identity based encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 474–490. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Chow, S.S.M., Boyd, C., González Nieto, J.M.: Security-mediated certificateless cryptography. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 508–524. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Lai, J., Kou, W.: Self-generated-certificate public key encryption without pairing. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 476–489. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Chow, S.S.M., Weng, J., Yang, Y., Deng, R.H.: Efficient unidirectional proxy re-encryption. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 316–332. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  18. 18.
    Sun, Y., Zhang, F.T., Baek, J.: Strongly secure certificateless public key encryption without pairing. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 194–208. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. IEEE Transactions on Information Theory 57, 1786–1802 (2011)MathSciNetCrossRefGoogle Scholar
  22. 22.
    Hanaoka, G., Kawai, Y., Kunihiro, N., Matsuda, T., Weng, J., Zhang, R., Zhao, Y.: Generic construction of chosen ciphertext secure proxy re-encryption. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 349–364. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  23. 23.
    Chu, C.-K., Weng, J., Chow, S.S.M., Zhou, J., Deng, R.H.: Conditional proxy broadcast re-encryption. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 327–342. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Canetti, R., Krawczyk, H., Nielsen, J.B.: Relaxing chosen-ciphertext security. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 565–582. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. 25.
    Isshiki, T., Nguyen, M.H., Tanaka, K.: Proxy re-encryption in a stronger security model extended from CT-RSA2012. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 277–292. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  26. 26.
    Dent, A.W.: A survey of certificateless encryption schemes and security models. International Journal of Information Security 7, 349–377 (2008)CrossRefGoogle Scholar
  27. 27.
    Dent, A.W.: A brief introduction to certificateless encryption schemes and their infrastructures. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 1–16. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  28. 28.
    Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 273–283. ACM (2007)Google Scholar
  29. 29.
    Chow, S.S.M.: Certificateless Encryption. In: Identity-Based Cryptography. IOS, pp. 135–155 (2008)Google Scholar
  30. 30.
    Koo, W.K., Hwang, J.Y., Lee, D.H.: Security vulnerability in a non-interactive id-based proxy re-encryption scheme. Information Processing Letters 109, 1260–1262 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Hui Guo
    • 1
  • Zhenfeng Zhang
    • 1
  • Jiang Zhang
    • 1
  • Cheng Chen
    • 1
  1. 1.Trusted Computing and Information Assurance Laboratory, Institute of SoftwareChinese Academy of SciencesBeijingChina

Personalised recommendations