Abstract
Key revocation and ciphertext update are two prominent practical security requirements for identity-based encryption systems. Several solutions offering efficient key revocation or ciphertext update for identity-based encryption systems have been proposed in the literature. However, how to achieve both key revocation and ciphertext update simultaneously in identity-based encryption systems is still an open problem. Recently, Liang et al. introduced the notion of a cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme, with the aim of achieving both ciphertext update and key revocation, and presented a CR-IB-PRE scheme from bilinear pairings. In this paper, we first show that Liang et al.’s scheme has serious security pitfalls, such as re-encryption key forgery and collusion attacks, which allow revoked users to decrypt any ciphertext regarding their identities at any time period. We then redefine the syntax and security model of the CR-IB-PRE scheme and propose an improved CR-IB-PRE scheme from bilinear pairings. The improved scheme not only achieves collusion resistance, but also has a lower decryption computation cost and a constant-size re-encrypted ciphertext. Finally, we prove that the improved CR-IB-PRE scheme is adaptively secure in the standard model under the DBDH assumption.
References
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Baek, J., Newmarch, J., Safavi-Naini, R., et al.: A survey of identity-based cryptography. In: Proceedings of Australian Unix Users Group Annual Conference, pp. 95–102 (2004)
Boneh, D., Canetti, R., Halevi, S., et al.: Chosen ciphertext security from identity-based encryption. SIAM J. Comput. 36, 915–942 (2006)
Kang, L., Tang, X.H., Liu, J.F.: Tight chosen ciphertext attack (CCA)-secure hybrid encryption scheme with full public verifiability. Sci. China Inf. Sci. 57, 112112(14) (2014)
Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)
Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007)
Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 417–426. ACM, New York (2008)
Libert, B., Vergnaud, D.: Adaptive-ID secure revocable identity-based encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 1–15. Springer, Heidelberg (2009)
Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013)
Wang, C.J., Li, Y., Xia, X.N., et al.: An efficient and provable secure revocable identity-based encryption scheme. PLoS ONE 9(9), e106925 (2014). doi:10.1371/journal.pone.0106925
Chu, C.-K., Tzeng, W.-G.: Identity-based proxy re-encryption without random oracles. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 189–202. Springer, Heidelberg (2007)
Wang, L., Wang, L., Mambo, M., Okamoto, E.: New identity-based proxy re-encryption schemes to prevent collusion attacks. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 327–346. Springer, Heidelberg (2010)
Shao, J., Cao, Z.F.: Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption. Inf. Sci. 206, 83–95 (2012)
Tang, Q., Hartel, P., Jonker, W.: Inter-domain identity-based proxy re-encryption. In: Yung, M., Liu, P., Lin, D. (eds.) Inscrypt 2008. LNCS, vol. 5487, pp. 332–347. Springer, Heidelberg (2009)
Luo, S., Shen, Q., Chen, Z.: Fully secure unidirectional identity-based proxy re-encryption. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 109–126. Springer, Heidelberg (2012)
Liang, K., Liu, J.K., Wong, D.S., Susilo, W.: An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In: Kutyłowski, M., Vaidya, J. (eds.) ICAIS 2014, Part I. LNCS, vol. 8712, pp. 257–272. Springer, Heidelberg (2014)
Lee, K., Choi, S.G., Lee, D.H., Park, J.H., Yung, M.: Self-updatable encryption: time constrained access control with hidden attributes and better efficiency. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 235–254. Springer, Heidelberg (2013)
Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, C., Fang, J., Li, Y. (2015). An Improved Cloud-Based Revocable Identity-Based Proxy Re-encryption Scheme. In: Niu, W., et al. Applications and Techniques in Information Security. ATIS 2015. Communications in Computer and Information Science, vol 557. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48683-2_2
DOI: https://doi.org/10.1007/978-3-662-48683-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-48682-5
Online ISBN: 978-3-662-48683-2
eBook Packages: Computer Science, Computer Science (R0)