Elsevier

Computer Communications

Volume 157, 1 May 2020, Pages 369-380
Computer Communications

GROSE: Optimal group size estimation for broadcast proxy re-encryption

https://doi.org/10.1016/j.comcom.2020.03.052Get rights and content

Abstract

In this paper, we propose GROSE — a scheme to determine the optimal group size of the receiver in Broadcast Proxy Re-encryption. GROSE uses the Rubinstein–Ståhl bargaining approach, so that both the sender and the receiver are mutually benefited and the total payoff increases. Proxy re-encryption is an important scheme to send cloud data securely to another user. For secured sharing of data to more than one users, the concept of broadcast proxy re-encryption was introduced. However, it poses an overhead on the receiver, if the receiver group is large, as each of the receivers in the group has to calculate the additional expensive algebraic operations, which linearly increases with the number of users in the receiver group. We model the problem using a bargaining perspective, and address it as the Rubinstein–Ståhl bargaining game for finite version of the game and then extend it to the infinite horizon version of it. We define the payoff of the sender and the receiver, and discuss how the payoff depends on different factors. Finally, we implement GROSE and compare it with the previously proposed schemes to depict the efficiency of GROSE. It is observed that GROSE is more efficient than the traditional proxy re-encryption and broadcast proxy re-encryption schemes.

Introduction

The use of cloud computing is overgrowing for data storage and data sharing services [1], [2]. Therefore, there is a need for secure data storage. The user needs to encrypt her outsourced data, as it may contain sensitive information. However, at the time of sharing the encrypted data with another user, the user needs to download the data, decrypt it, and then encrypt the same with the intended receiver’s public key. This obligates the sender unnecessarily, thereby limiting the advantages of cloud services. To address this problem, the idea of proxy re-encryption (PR) was introduced [3]. PR is an efficient method for securely sharing data, which are stored with the third party to receivers. If there exist a great number of users, then the regeneration of the re-encryption key is a challenge, because to send the message repeatedly, the data owner has to produce the re-encryption key repeatedly as well, which, in turn, increases the cost of sender. To address this issue, the idea of Broadcast PR (BPR) was introduced [4]. BPR is attractive to the sender, but as all the users are present in a single group, decryption of the re-encrypted ciphertext needs each of the users to compute additional operations for the other users of the group. Thus, in this paper, we identify this issue and find the optimal group size of receivers using Rubinstein–Ståhl bargaining [5], [6], so that both the sender and the receiver groups are benefited. There exists a lot of work that uses Rubinstein–Ståhl bargaining (e.g. [7], [8]), as a means to orchestrate the bargaining process, where all the players have equal bargaining power. In this work, we model our problem using this game and ensure that the sender and the receivers bargain for the optimal group size of the receivers.

PR is a very flexible method for secure data sharing. However, if there exist a large set of receivers, then the re-encryption key needs to be calculated for each receiver. It is an overburden for her. To avoid this, the concept of BPR was introduced [4]. In Broadcast PR, all the receivers are kept in a single group. The sender generates a single re-encryption key. To perform decryption of the resulted ciphertext, each receiver has to compute the additional operations. Therefore, in BPR, the decryption of the re-encrypted ciphertext is costly. If the users use resource-constrained devices, then decryption will be cost prohibitive. Therefore, it is imperative that, while traditional PR is favorable for use by a receiver, Broadcast PR is favorable for use by the sender. So, these scenarios motivate us to find the optimal size of receivers present in a group of the Broadcast PR scheme, so that it will be more beneficial to the sender than the traditional PR scheme. Additionally, it will also be advantageous to the receivers using this scheme rather than the Broadcast PR scheme.

We propose GROSE1 to determine the optimal group size of the Broadcast PR scheme, so that both the sender and each of the receivers get benefits. The main contributions of this work are as follows:

  • 1.

    As far as we know, we are the first to use Rubinstein–Ståhl bargaining approach in Broadcast PR, so that both the sender and the receivers are mutually benefited in terms of computation of costly mathematical operations.

  • 2.

    We use an approach, which is an assortment of different approaches such as the ones used in [8], [9], to model our optimal group size problem and solve it. We adopt and modify existing game theoretic results in our paper.

  • 3.

    We use the backward induction method to find the subgame-perfect equilibrium strategy with the sender and the receiver for the finite horizon version (FHV) of the game. Later, we extend the game model to the infinite horizon version (IHV) of the game to vanish the advantage of the last period offerer of the bargaining game.

  • 4.

    GROSE strikes a proper balance between the payoffs of the sender and the receiver, while increasing the total payoff of the overall system to manifolds.

  • 5.

    The simulation results of GROSE is presented to demonstrate that it requires less computation of costly arithmetic operations, which helps in establishing the efficiency of our scheme.

Section 2 reviews the existing works on proxy re-encryption, broadcast proxy re-encryption, and Rubinstein bargaining and its various applications. Section 3 formulates our problem as a bargaining game. Section 4 solves the bargaining game as FHV and IHV of the game. Section 5 defines how different factors such as discount factor and the number of receivers affects the payoff of each player, and we show the efficiency of our scheme by comparing it with traditional schemes. Section 6 concludes the paper.

Section snippets

Proxy Re-encryption

The idea of Proxy Re-encryption (PR) was introduced in [3], where a third party proxy is used to convert a ciphertext which was encrypted under delegator’s public key, to a ciphertext encrypted under delegatee’s public key, without leaking any data of the file. Different PR schemes [10], [11], [12], [13], [14], [15] were proposed based on traditional public key encryption. Here, public key certificates are needed to validate the authentication of the public key. Jakobsson [10] proposed the

Justification for the choice of bargaining game model

The main objective of GROSE is to balance the payoffs of both the sender and the receivers and increase the total payoff of the system. If we calculate the cost of the whole system with a well-defined universal cost function and find the minimum value of it to determine the optimal group size then it does not guarantee to balance the payoffs between the sender and the receivers. In this situation, the group size is calculated based on the minimum total cost of the system. It does not consider

GROSE: The proposed framework

We model the determining of the optimal group size of the Broadcast PR problem by sender S, and receiver R={R1,R2,,RN}, as a bargaining game. In the proposed solution, S and R decide the optimal group size. The game proceeds in each period. When one player (either S or R) proposes a group size, another either accepts or rejects it. If it is a FHV game, the game continues until a group size proposed by one player is accepted by another, or until the maximum allowable time periods T=1,2,,T is

Experimental setup

Table 3 shows the experimental setup. The values of C1, C2, D1, D2, P1, and P2 are different for different broadcast PR schemes. Referring to [34], we set the value of C1, C2, D1, D2, P1, P2 are 7, 1, 5, 1, 3, and 1, respectively. We show how the players’ payoffs depend on various factors such as δS, δR, and N. We also compare GROSE with the up-to-dated Broadcast PR scheme [34], which is denoted by BPR and the traditional proxy re-encryption scheme, which is denoted as TPR [19] to show the

Conclusion

This paper addresses the problem of determining the optimal group size of receivers of Broadcast PR as a bargaining problem, and solves the finite horizon bargaining and infinite horizon bargaining games. It is shown that using GROSE, the sender’s cost for generating re-encryption key is reduced compared to that using the traditional PR. Additionally, each of the receivers decryption cost is also reduced compared to that using the Broadcast PR. Consequently, the total payoff by applying GROSE

CRediT authorship contribution statement

Sumana Maiti: Conceptualization, Formal analysis, Investigation, Methodology, Software, Validation, Writing - original draft. Sudip Misra: Supervision, Writing - review & editing.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (42)

  • BrahmaS. et al.

    Spectrum bargaining: A model for competitive sharing of unlicensed radio spectrum

    IEEE Trans. Cogn. Commun. Netw.

    (2015)
  • BrahmaS. et al.

    Spectrum sharing in secondary networks: A bargain theoretic approach

  • JakobssonM.

    On quorum controlled asymmetric proxy re-encryption

  • A. Ivan, Y. Dodis, Proxy cryptography revisited, in: Proc. Network and Distributed System Security Symp.,...
  • V. Kirtane, C.P. Rangan, RSA-TBOS signcryption with Proxy Re-encryption, in: Proc. of 8th ACM Workshop on Digital...
  • AlharbiK.N. et al.

    A privacy-preserving data-sharing framework for smart grid

    IEEE Internet Things J.

    (2016)
  • PérezJ.M.M. et al.

    SecRBAC: Secure data in the clouds

    IEEE Trans. Serv. Comput.

    (2017)
  • TouraniR. et al.

    Security, privacy, and access control in information-centric networking: A survey

    IEEE Commun. Surv. Tutor.

    (2017)
  • R. Canetti, S. Hohenberger, Chosen-ciphertext secure Proxy Re-encryption, in: Proc. 14th ACM Conf. Comput. Commun....
  • AbdallaM. et al.

    The oracle Diffie–Hellman assumptions and an analysis of DHIES

  • LibertB. et al.

    Unidirectional chosen-ciphertext secure proxy re-encryption

    IEEE Trans. Inf. Theory

    (2011)
  • Cited by (3)

    View full text