Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

doi:10.1007/s12204-014-1514-6

上海交通大学学报（英文版） ›› 2014, Vol. 19 ›› Issue (4): 398-405.doi: 10.1007/s12204-014-1514-6

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

WANG Liang-liang1* (王亮亮), CHEN Ke-fei2 (陈克非),MAO Xian-ping1 (毛贤平), WANG Yong-tao3 (王永涛)

(1. Department of Computer Science and Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. School of Science, Hangzhou Normal University, Hangzhou 310000, China; 3. China Information Technology Security Evaluation Center, Beijing 100085, China)

出版日期:2014-08-30 发布日期:2014-10-13
通讯作者: WANG Liang-liang(王亮亮) E-mail:liangliangwang@sjtu.edu.cn

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

WANG Liang-liang1* (王亮亮), CHEN Ke-fei2 (陈克非),MAO Xian-ping1 (毛贤平), WANG Yong-tao3 (王永涛)

(1. Department of Computer Science and Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. School of Science, Hangzhou Normal University, Hangzhou 310000, China; 3. China Information Technology Security Evaluation Center, Beijing 100085, China)

Online:2014-08-30 Published:2014-10-13
Contact: WANG Liang-liang(王亮亮) E-mail:liangliangwang@sjtu.edu.cn

摘要/Abstract

摘要： In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.

关键词: cloud computing, secure data sharing, proxy re-encryption (PRE), certificateless encryption, key escrow, computational Diffie-Hellman (CDH) problem, random oracle

Abstract: In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.

Key words: cloud computing, secure data sharing, proxy re-encryption (PRE), certificateless encryption, key escrow, computational Diffie-Hellman (CDH) problem, random oracle

中图分类号:

TP 309.2

WANG Liang-liang1* (王亮亮), CHEN Ke-fei2 (陈克非),MAO Xian-ping1 (毛贤平), WANG Yong-tao. Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing[J]. 上海交通大学学报（英文版）, 2014, 19(4): 398-405.

WANG Liang-liang1* (王亮亮), CHEN Ke-fei2 (陈克非),MAO Xian-ping1 (毛贤平), WANG Yong-tao3 (王永涛). Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing[J]. Journal of shanghai Jiaotong University (Science), 2014, 19(4): 398-405.

参考文献

[1] Chow R, Golle P, Jakobsson M, et al. Controlling data in the cloud: Outsourcing computation without outsourcing control [C]//Proceedings of the 2009 ACM workshop on cloud computing security. New York,USA: ACM, 2009: 85-90.
[2] Kamara S, Lauter K. Cryptographic cloud storage[C]//Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security. Berlin,Germany: Springer-Verlag, 2010: 136-149.
[3] Ryan M D. Cloud computing privacy concerns on our doorstep [J]. Communications of the ACM, 2011,54(1): 36-38.
[4] Blaze M, Bleumer G, Strauss M. Divertible protocols and atomic proxy cryptography [J]. Lecture Notes in Computer Science, 1998, 1403: 127-144.
[5] Golle P, Jakobsson M, Juels A, et al. Universal reencryption for mixnets [J]. Lecture Notes in Computer Science, 2004, 2964: 163-178.
[6] Green M, Ateniese G. Identity-based proxy reencryption [C]//Proceedings of the 5th International Conference on Applied Cryptography and Netword Security.Berlin, Germany: Springer-Verlag, 2007: 288-306.
[7] Chu C K, Tzeng W G. Identity-based proxy reencryption without random oracles [J]. Lecture Notes in Computer Science, 2007, 4779: 189-202.
[8] Canetti R, Hohenberger S. Chosen-ciphertext secure proxy re-encryption [C]//Proceedings of the 14th ACM Conference on Computer and Communications Security. New York, USA: ACM, 2007: 185-194.
[9] Libert B, Vergnaud D. Unidirectional chosenciphertext secure proxy re-encryption [J]. Lecture Notes in Computer Science, 2008, 4939: 360-379.
[10] Deng RH, Weng J, Liu S L, et al. Chosen-ciphertext secure proxy re-encryption without pairings [J]. Lecture Notes in Computer Science, 2008, 5339: 1-17.
[11] Shao J, Cao Z F. CCA-secure proxy re-encryption without parings [J]. Lecture Notes in Computer Science,2009, 5443: 357-376.
[12] Weng J, Deng R H, Liu S L, et al. Chosen-ciphertext secure bidirectional proxy re-encryption without parings[J]. Information Sciences, 2010, 180: 5077-5089.
[13] Xu L, Wu X, Zhang X. CL-PRE: A certificateless proxy re-encryption scheme for secure data sharing with public cloud [C]//Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. New York, USA: ACM, 2012: 87-88.
[14] Sur C, Jung C D, Park Y, et al. Chosen-ciphertext secure certificateless proxy re-encryption [J]. Lecture Notes in Computer Science, 2010, 6109: 214-232.
[15] Liu Q, Wang G J, Wu J. Time-based proxy reencryption scheme for secure data sharing in a cloud environment [J]. Information Sciences, 2012, 258:355-370.
[16] Shamir A. Identity-based cryptosystems and signature schemes [J]. Lecture Notes in Computer Science,1985, 196: 47-53.
[17] Guillou L C, Quisquater J-J. A “paradoxical” identity-based signature scheme resulting from zeroknowledge[J]. Lecture Notes in Computer Science,1990, 403: 216-231.
[18] Paterson K G. ID-based signatures from pairings on elliptic curves [J]. Electronics Letters, 2002, 38(18):1025-1026.
[19] Boneh D, Franklin M. Identity-based encryption from the weil pairing [J]. Lecture Notes in Computer Science, 2001, 2139: 213-229.
[20] Choon J C, Cheon J H. An identity-based signature from gap diffie-hellman groups [J]. Lecture Notes in Computer Science, 2002, 2567: 18-30.
[21] Chen X F, Zhang F G, Kim K. A new id-based group signature scheme from bilinear pairings [J]. Lecture Notes in Computer Science, 2003, 2908: 585-592.
[22] Hess F. Efficient identity based signature schemes based on pairings [J]. Lecture Notes in Computer Science,2003, 2595: 310-324.
[23] Yi X. An identity-based signature scheme from the weil pairing [J]. IEEE Communications Letters, 2003,7(2): 76-78.
[24] Al-Riyami S S, Paterson K G. Certificateless public key cryptography [C]// Proceedings of 9th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology-Asiacrypt 2003. Berlin, Germany:Springer-Verlag, 2003: 452-473.
[25] Baek J, Safavi-Naini R, Susilo W. Certificateless public key encryption without pairing [J]. Lecture Notes in Computer Science, 2005, 3650: 134-148.
[26] Sun Y X, Zhang F T, Baek J. Strongly secure certificateless public key encryption without pairing [J].Lecture Notes in Computer Science, 2007, 4856: 194-208.
[27] Yum D H, Lee P J. Generic construction of certificateless encryption [J]. Lecture Notes in Computer Science,2004, 3043: 802-811.
[28] Libert B, Quisquater J-J. On construction certificateless cryptosystems from identity based encryption[J]. Lecture Notes in Computer Science, 2006, 3958:474-490.
[29] Liu J K, Au M H, Susilo W. Self-generatedcertificate public key cryptography and certificateless signature/encryption scheme in the standard model [C]//Proceedings of the 2nd ACM Symposium on Information,Computer and Communications Security.New York, USA: ACM, 2007: 273-283.
[30] Au M H, Mu Y, Chen J, et al. Malicious KGC attacks in certificateless cryptography [C]//Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security. New York, USA:ACM, 2007: 302-311.
[31] Chow S S M, Boyd C, Nieto J M G. Security-Mediated certificateless cryptography [J]. Lecture Notes in Computer Science, 2006, 3958: 508-524.
[32] Barreto P S L M, Kim H Y, Lynn B, et al. Efficient algorithms for pairing-based cryptosystems [J]. Lecture Notes in Computer Science, 2002, 2442: 354-369.
[33] Scott M. Computing the tate pairing [J]. Lecture Notes in Computer Science. 2005, 3376: 293-304.
[34] Bao F, Deng R H, Zhu H F. Variations of diffiehellman problem [J]. Lecture Notes in Computer Science,2003, 2836: 301-312.
[35] Boneh D, Boyen X. Short signatures without random oracles [J]. Lecture Notes in Computer Science, 2004,3027: 56-73.
[36] Waters B. Efficient identity-based encryption without random oracles [C]//Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. Berlin, Germany:Springer-Verlag, 2005: 114-127.

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 5

编辑推荐

Metrics

本文评价

[1]	SU Mang (苏铓), WANG Liangchen (汪良辰), FU Anmin (付安民), YU Yan (俞研). Proxy Re-Encryption Based Multi-Factor Access Control for Ciphertext in Cloud[J]. Journal of Shanghai Jiao Tong University (Science), 2018, 23(5): 666-670.
[2]	LI Da-zhi1,2* (李大志), LIU Jian-hua3 (刘建华), DONG Xin1 (董鑫),LI Lu-qun2 (李鲁群), CHEN . Application-Oriented Cloud Monitoring Data Distribution Mechanism[J]. 上海交通大学学报（英文版）, 2015, 20(2): 149-155.
[3]	WANG Chih-hung* (王智弘), TU Tai-yuan (涂泰源). Keyword Search Encryption Scheme Resistant Against Keyword-Guessing Attack by the Untrusted Server[J]. 上海交通大学学报（英文版）, 2014, 19(4): 440-442.
[4]	CHEN Jian-hong (陈剑洪), LONG Yu (龙宇), CHEN Ke-fei (陈克非) WANG Yong-tao. An Efficient Threshold Key-Insulated Signature Scheme[J]. 上海交通大学学报（英文版）, 2011, 16(6): 658-662.
[5]	TSO Ray-lin (左瑞麟), KIM Cheonshik, YI Xun (易训). Certificateless Message Recovery Signatures Providing Girault's Level-3 Security[J]. 上海交通大学学报（英文版）, 2011, 16(5): 577-585.