Skip to main content
Springer Nature Link
Log in

Hierarchical Conditional Proxy Re-Encryption: A New Insight of Fine-Grained Secure Data Sharing

  • Conference paper
  • First Online:
Information Security Practice and Experience (ISPEC 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10701))

Abstract

Outsource local data to remote cloud has become prevalence for Internet users to date. While being unable to “handle” (outsourced) data at hand, Internet users may concern about the confidentiality of data but also further operations over remote data. This paper deals with the case where a secure data sharing mechanism is needed when data is encrypted and stored in remote cloud. Proxy re-encryption (PRE) is a promising cryptographic tool for secure data sharing. It allows a “honest-but-curious” third party (e.g., cloud server), which we call “proxy”, to convert all ciphertexts encrypted for a delegator into those intended for a delegatee. The delegatee can further gain access to the plaintexts with private key, while the proxy learns nothing about the underlying plaintexts. Being regarded as a general extension of PRE, conditional PRE supports a fine-grained level of data sharing. In particular, condition is embedded into ciphertext that offers a chance for the delegator to generate conditional re-encryption key to control with which ciphertexts he wants to share. In this paper, for the first time, we introduce a new notion, called “hierarchical conditional” PRE. The new notion allows re-encryption rights to be “re-delegated” for “low-level” encrypted data. We propose the seminal scheme satisfying the notion in the context of identity-based encryption and further, prove it secure against chosen-ciphertext security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Ateniese, G., Kevin, F., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1), 1–30 (2006)

    Article  MATH  Google Scholar 

  2. Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054122

    Chapter  Google Scholar 

  3. Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security (CCS 2007), Alexandria, Virginia, USA, 28–31 October 2007, pp. 185–194 (2007)

    Google Scholar 

  4. Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Castiglione, A., Huang, X.: Cryptographic hierarchical access control for dynamic structures. IEEE Trans. Inf. Forensics Secur. 11(10), 2349–2364 (2016)

    Article  MATH  Google Scholar 

  5. Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Castiglione, A., Li, J., Huang, X.: Hierarchical and shared access control. IEEE Trans. Inf. Forensics Secur. 11(4), 850–865 (2016)

    Google Scholar 

  6. Chu, C.-K., Tzeng, W.-G.: Identity-based proxy re-encryption without random oracles. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 189–202. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75496-1_13

    Chapter  Google Scholar 

  7. Deng, R.H., Weng, J., Liu, S., Chen, K.: Chosen-ciphertext secure proxy re-encryption without pairings. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 1–17. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89641-8_1

    Chapter  Google Scholar 

  8. Fang, L., Susilo, W., Ge, C., Wang, J.: Interactive conditional proxy re-encryption with fine grain policy. J. Syst. Softw. 84(12), 2293–2302 (2011)

    Article  Google Scholar 

  9. Giuseppe, A., Kevin., Matthew, G., Susan, H.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2005), San Diego, California, USA (2005)

    Google Scholar 

  10. Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72738-5_19

    Chapter  Google Scholar 

  11. Hanaoka, G., Kawai, Y., Kunihiro, N., Matsuda, T., Weng, J., Zhang, R., Zhao, Y.: Generic construction of chosen ciphertext secure proxy re-encryption. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 349–364. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_22

    Chapter  Google Scholar 

  12. He, K., Weng, J., Deng, R.H., Liu, J.K.: On the security of two identity-based conditional proxy re-encryption schemes. Theor. Comput. Sci. 652, 18–27 (2016)

    Article  MathSciNet  MATH  Google Scholar 

  13. He, K., Weng, J., Liu, J.K., Zhou, W., Liu, J.-N.: Efficient fine-grained access control for secure personal health records in cloud computing. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds.) NSS 2016. LNCS, vol. 9955, pp. 65–79. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46298-1_5

    Chapter  Google Scholar 

  14. Lee, C.-C., Li, C.-T., Chen, C.-L., Chiu, S.-T.: A searchable hierarchical conditional proxy re-encryption scheme for cloud storage services. ITC 45(3), 289–299 (2016)

    Article  Google Scholar 

  15. Liang, K., Au, M.H., Liu, J.K., Susilo, W., Wong, D.S., Yang, G., Yu, Y., Yang, A.: A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing. Future Gener. Comput. Syst. 52, 95–108 (2015)

    Article  Google Scholar 

  16. Liang, K., Chu, C.-K., Tan, X., Wong, D.S., Tang, C., Zhou, J.: Chosen-ciphertext secure multi-hop identity-based conditional proxy re-encryption with constant-size ciphertexts. Theor. Comput. Sci. 539, 87–105 (2014)

    Article  MathSciNet  MATH  Google Scholar 

  17. Liang, K., Fang, L., Wong, D.S., Susilo, W.: A ciphertext-policy attribute-based proxy re-encryption scheme for data sharing in public clouds. Concurr. Comput. Pract. Exp. 27(8), 2004–2027 (2015)

    Article  Google Scholar 

  18. Liang, K., Liu, J.K., Wong, D.S., Susilo, W.: An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 257–272. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11203-9_15

    Google Scholar 

  19. Liang, K., Liu, Z., Tan, X., Wong, D.S., Tang, C.: A CCA-secure identity-based conditional proxy re-encryption without random oracles. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 231–246. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_17

    Chapter  Google Scholar 

  20. Liang, K., Su, C., Chen, J., Liu, J.K.: Efficient multi-function data sharing and searching mechanism for cloud-based encrypted data. In: Chen, X., Wang, X., Huang, X. (eds.) Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (AsiaCCS 2016), Xi’an, China, May 30 - June 3, 2016, pp. 83–94. ACM (2016)

    Google Scholar 

  21. Liang, K., Susilo, W.: Searchable attribute-based mechanism with efficient data sharing for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 10(9), 1981–1992 (2015)

    Article  Google Scholar 

  22. Liang, K., Susilo, W., Liu, J.K.: Privacy-preserving ciphertext multi-sharing control for big data storage. IEEE Trans. Inf. Forensics Secur. 10(8), 1578–1589 (2015)

    Article  Google Scholar 

  23. Liang, X., Cao, Z., Lin, H., Shao, J.: Attribute based proxy re-encryption with delegating capabilities. In: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009), Sydney, Australia, 10–12 March 2009, pp. 276–286 (2009)

    Google Scholar 

  24. Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 360–379. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78440-1_21

    Chapter  Google Scholar 

  25. Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. IEEE Trans. Inf. Theory 57(3), 1786–1802 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  26. Wang, L., Wang, L., Mambo, M., Okamoto, E.: New identity-based proxy re-encryption schemes to prevent collusion attacks. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 327–346. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17455-1_21

    Chapter  Google Scholar 

  27. Lin, S., Zhang, R., Wang, M.: Verifiable attribute-based proxy re-encryption for secure public cloud data sharing. Secur. Commun. Netw. 9(12), 1748–1758 (2016)

    Article  Google Scholar 

  28. Luo, S., Shen, Q., Chen, Z.: Fully secure unidirectional identity-based proxy re-encryption. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 109–126. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31912-9_8

    Chapter  Google Scholar 

  29. Matsuda, T., Nishimaki, R., Tanaka, K.: CCA proxy re-encryption without bilinear maps in the standard model. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 261–278. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13013-7_16

    Chapter  Google Scholar 

  30. Matsuo, T.: Proxy re-encryption systems for identity-based encryption. In: Takagi, T., Okamoto, T., Okamoto, E., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 247–267. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73489-5_13

    Chapter  Google Scholar 

  31. Mizuno, T., Doi, H.: Secure and efficient IBE-PKE proxy re-encryption. IEICE Trans. 94–A(1), 36–44 (2011)

    Article  Google Scholar 

  32. Nabeel, M., Bertino, E.: Privacy preserving delegated access control in public clouds. IEEE Trans. Knowl. Data Eng. 26(9), 2268–2280 (2014)

    Article  Google Scholar 

  33. Shao, J., Cao, Z.: Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption. Inf. Sci. 206, 83–95 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  34. Shao, J., Rongxing, L., Lin, X., Liang, K.: Secure bidirectional proxy re-encryption for cryptographic cloud storage. Pervasive Mobile Comput. 28, 113–121 (2016)

    Article  Google Scholar 

  35. Smith, T.: DVD jon: Buy DRM-less tracks from Apple iTunes, January 2005. http://www.theregister.co.uk/2005/03/18/itunespymusique

  36. Tang, Q.: Type-based proxy re-encryption and its construction. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 130–144. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89754-5_11

    Chapter  Google Scholar 

  37. Isshiki, T., Nguyen, M.H., Tanaka, K.: Proxy re-encryption in a stronger security model extended from CT-RSA2012. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 277–292. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36095-4_18

    Chapter  Google Scholar 

  38. Wang, L., Wang, L., Mambo, M., Okamoto, E.: Identity-based proxy cryptosystems with revocability and hierarchical confidentialities. IEICE Trans. 95–A(1), 70–88 (2012)

    Article  Google Scholar 

  39. Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_7

    Chapter  Google Scholar 

  40. Weng, J., Chen, M.-R., Yang, Y., Deng, R.H., Chen, K., Bao, F.: CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles. Sci. China Inf. Sci. 53(3), 593–606 (2010)

    Article  MathSciNet  Google Scholar 

  41. Weng, J., Deng, R.H., Ding, X., Chu, C.-K., Lai, J.: Conditional proxy re-encryption secure against chosen-ciphertext attack. In: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009), Sydney, Australia, 10–12 March 2009, pp. 322–332 (2009)

    Google Scholar 

  42. Weng, J., Yang, Y., Tang, Q., Deng, R.H., Bao, F.: Efficient conditional proxy re-encryption with chosen-ciphertext security. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 151–166. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04474-8_13

    Chapter  Google Scholar 

Download references

Acknowledgment

This work was supported by National Science Foundation of China (No. 61572131), Guangdong Provincial Science and Technology Plan Projects (No. 2016A010101034) and Project of Internation as well as Hongkong, Macao & Taiwan Science and Technology Cooperation Innovation Platform in Universities in Guangdong Province (No. 2015KGJHZ027).

Author information

Authors and Affiliations

  1. School of Computer and Network Security, Dongguan University of Technology, Guangdong, 523808, China

    Kai He, Huaqiang Yuan & Wenhong Wei

  2. School of Computing and Information Technology, University of Wollongong, Wollongong, NSW, 2512, Australia

    Xueqiao Liu

  3. Department of Computer Science, University of Surrey, Guildford, UK

    Kaitai Liang

Authors
  1. Kai He
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xueqiao Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Huaqiang Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wenhong Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Kaitai Liang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Huaqiang Yuan .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, Victoria, Australia

    Joseph K. Liu

  2. University of Milan, Milan, Italy

    Pierangela Samarati

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

He, K., Liu, X., Yuan, H., Wei, W., Liang, K. (2017). Hierarchical Conditional Proxy Re-Encryption: A New Insight of Fine-Grained Secure Data Sharing. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72359-4_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72358-7

  • Online ISBN: 978-3-319-72359-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics