Secure Data Sharing in Cloud Using an Efficient Inner-Product Proxy Re-Encryption Scheme

Authors

  • Masoomeh Sepehri Department of Computer Science, University of Milan, Milan, Italy
  • Alberto Trombetta Department of Computer Science and Communication, University of Insubria,Varese, Italy
  • Maryam Sepehri Department of Computer Science, University of Milan, Milan, Italy

DOI:

https://doi.org/10.13052/2245-1439.635

Keywords:

Attribute-based cryptography, Secure data sharing, Fine-grained access control, Proxy re-encryption

Abstract

With the ever-growing production of data coming from multiple, scattered, highly dynamical sources (like those found in IoT scenarios), many providers are motivated to upload their data to the cloud servers and share them with other persons with different purposes. However, storing data on cloud imposes serious concerns in terms of data confidentiality and access control. These concerns get more attention when data is required to be shared among multiple users with different access policies. In order to update access policy without making re-encryption, we propose an efficient inner-product proxy re-encryption scheme that provides a proxy server with a transformation key with which a delegator’s ciphertext associated with an attribute vector can be transformed to a new ciphertext associated with delegatee’s attribute vector set. Our proposed policy updating scheme enables the delegatee to decrypt the shared data with its own key without requesting a new decryption key. We experimentally analyze the efficiency of our scheme and show that our scheme is adaptive attribute-secure against chosen-plaintext under standard Decisional Linear (D-Linear) assumption.

 

Downloads

Download data is not yet available.

Author Biographies

Masoomeh Sepehri, Department of Computer Science, University of Milan, Milan, Italy

Masoomeh Sepehri is a Ph.D. candidate in Computer Science at the University of Milan. Her research activity mainly focused on the design of cryptographic protocols for secure data sharing in the cloud computing and Internet of Things.

Alberto Trombetta, Department of Computer Science and Communication, University of Insubria,Varese, Italy

Alberto Trombetta is Associate Professor at the Department of Scienze Teoriche e Applicate at Insubria University in Varese, Italy. His main research interests include security and privacy issues in data management systems, applied cryptography and trust management.

Maryam Sepehri, Department of Computer Science, University of Milan, Milan, Italy

Maryam Sepehri received the Ph.D. degree in Computer Science from the University of Milan, Italy, in 2014. She is currently pursuing postdoctoral research fellow at the University of Waterloo, Canada. Her research interest includes privacy-preserving query processing over encrypted data.

References

G. Ateniese, K. Fu, M. Green, and S. Hohenberger (2006). Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur., 9, 1–30.

J. Bethencourt, A. Sahai, and B. Waters (2007). Ciphertext-policy attribute-based en cryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP ’07, (IEEE Computer Society: Washington, DC, USA), 321–334.

M. Blaze, G. Bleumer, and M. Strauss (1998). Divertible Protocols and Atomic Proxy Cryptography. Springer: Berlin, Heidelberg, 127–144.

D. Boneh, X. Boyen, and H. Shacham (2004). Short Group Signatures. Springer: Berlin, Heidelberg, pp. 41–55.

D. Boneh and M. Franklin (2001). Identity-Based Encryption from the Weil Pairing. Springer: Berlin, Heidelberg, 213–229.

M. Chase (2007). Multi-authority attribute based encryption. In Proceedings of the 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands. (ed) Salil P. Vadhan, Theory of Cryptography, Lecture Notes in Computer Science, Vol. 4392, (Springer),pp. 515–534.

L. Cheung and Calvin C (2007). Newport. Provably secure ciphertext policy ABE. IACR Cryptology ePrint Archive, 2007:183.

T. El Gamal (1985). “A public key cryptosystem and a signature scheme based on discrete logarithms,” in Proceedings of CRYPTO 84 on Advances in Cryptology, New York, NY, USA, (Springer-Verlag New York, Inc.), 10–18.

K. Emura, A. Miyaji, A. Nomura, K. Omote, and M. Soshi (2009). A Ciphertext-Policy Attribute-Based Encryption Scheme with Constant Ciphertext Length. Springer: Berlin, Heidelberg, 13–23.

V. Goyal, O. Pandey, A. Sahai, and B. Waters (2006). “Attribute-based encryption for fine-grained access control of encrypted data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS ’06, (ACM: New York, NY, USA), 89–98.

M. Green and G. Ateniese (2007). Identity-Based Proxy Re-encryption. Springer: Berlin, Heidelberg, 288–306.

H. Guo, F. Ma, Z. Li, and C. Xia (2015). “Key-exposure protection in public auditing with user revocation in cloud storage,” in Revised Selected Papers of the 6th International Conference on Trusted Systems, INTRUST 2014, (LNCS, Vol. 9473), 127–136.

S. Guo, Y. Zeng, J. Wei, and Q. Xu (2008). Attribute-based re-encryption scheme in the standard model. Wuhan University Journal of Natural Sciences, 13, 621–625.

J. Katz, A. Sahai, and B. Waters (2008). Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products. Springer: Berlin, Heidelberg, 146–162.

Y. Kawai and K. Takashima (2013). Fully-anonymous functional proxy-re-encryption. IACR Cryptology ePrint Archive, 2013:318.

A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters (2010). Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. Springer: Berlin, Heidelberg, 62–91.

H. Li and L. Pang (2016). Efficient and adaptively secure attribute-based proxy reencryption scheme. IJDSN, 12, 5235714:1–5235714:12.

K. Li (2013). Matrix access structure policy used in attribute-based proxy re-encryption. CoRR. abs/1302.6428, eprint: arXiv:1302.6428.

K. Liang, L. Fang, W. Susilo, and D. S. Wong (2013). “A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security,” in 2013 5th International Conference on Intelligent Networking and Collaborative Systems, 552–559.

K. Liang, M. H. Au, W. Susilo, D. S. Wong, G. Yang, and Y. Yu (2014). An Adaptively CCA-Secure Ciphertext-Policy Attribute-Based ProxyRe-Encryption for Cloud Data Sharing. Springer International Publishing: Cham, 448–461.

X. Liang, Z. Cao, H. Lin, and J. Shao (2009). “Attribute based proxy re-encryption with delegating capabilities,” in Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009, Sydney, Australia, 276–286.

S. Luo, J. Hu, and Z. Chen (2010). “Ciphertext policy attribute-based proxy re-encryption,” in Proceedings of the 12th International Conference on Information and Communications Security, ICICS’10, (Springer-Verlag: Berlin, Heidelberg), 401–415.

B. Lynn (2007). Pairing Based Cryptography Library. Available at: http://crypto.stanford.edu/pbc/

M. Mambo and E. Okamoto (1997). Proxy cryptosystems: Delegation of the power to decrypt ciphertexts. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 80A, 54–63.

T. Okamoto and K. Takashima (2009). Hierarchical Predicate Encryption for Inner-Products. Springer: Berlin, Heidelberg, 214–231.

J. H. Park (2011). Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58, 235–257.

Z. Qin, H. Xiong, S. Wu, and J. Batamuliza (2017). A survey of proxy re-encryption for secure data sharing in cloud computing. IEEE Transactions on Services Computing, PP(99), 1–1. doi: 10.1109/TSC.2016.2551238

A. Sahai and B. Waters (2005). Fuzzy Identity-Based Encryption. Springer: Berlin, Heidelberg, 457–473.

H. Seo and H. Kim (2012). Attribute-based proxy re-encryption with a constant number of pairing operations. J. Inform. and Commun. Convergence Engineering, 10, 53–60.

M. Sepehri, S. Cimato, and E. Damiani (2017). “Efficient implementation of a proxy-based protocol for data sharing on the cloud,” in Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing, SCC@AsiaCCS 2017, Abu Dhabi, United Arab Emirates, April 2, 2017, pp. 67–74.

M. Sepehri, S. Cimato, E. Damiani, and C. Y. Yeuny (2015). “Data sharing on the cloud: A scalable proxy-based protocol for privacy-preserving queries,” in Proceedings of the 7th IEEE International Symposium on Ubisafe Computing in Conjunction with 14th IEEE Conference on Trust, Security and Privacy in Computing and Communications, TrustCom/BigDataSE/ISPA, Helsinki, Finland, 1357–1362.

M. Sepehri, and A. Trombetta (2017). Secure and Efficient Data Sharing with Atribute-based Proxy Re-encryption Scheme. In Proceedings of the 12th International Conference on Availability, Reliability and Security. ACM: Reggio Calabria, Italy, 1–63.

D. Thilakanathan, S. Chen, S. Nepal, and R. A. Calvo (2014). Secure Data Sharing in the Cloud. Springer: Berlin, Heidelberg, 45–72.

B. Waters (2009). Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions. Springer: Berlin, Heidelberg,619–636.

B. Waters (2011). Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. Springer: Berlin, Heidelberg, 53–70.

S. Yu, C. Wang, K. Ren, and W. Lou (2010). “Attribute based data sharing with attribute revocation,” in Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS ’10, (ACM: New York, NY, USA), 261–270.

Downloads

Published

2017-12-01

How to Cite

1.
Sepehri M, Trombetta A, Sepehri M. Secure Data Sharing in Cloud Using an Efficient Inner-Product Proxy Re-Encryption Scheme. JCSANDM [Internet]. 2017 Dec. 1 [cited 2024 Mar. 28];6(3):339-78. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/5251

Issue

Section

Articles