An Identity-Based Conditional Proxy Re-Encryption in Cloud Computing Environments

2014 ◽  
Vol 571-572 ◽  
pp. 74-78
Author(s):  
Xian Yong Meng ◽  
Zhong Chen ◽  
Xiang Yu Meng ◽  
Bing Sun
Keyword(s):  
Cloud Computing ◽  
Secret Sharing ◽  
Communication Cost ◽  
Public Key ◽  
Encryption Scheme ◽  
Private Key ◽  
Identity Based ◽  
Computing Environments

In this paper, an identity-based conditional proxy re-encryption (PRE) scheme is proposed, where a delegator provides a re-encryption key satisfying one condition to a semi-trusted proxy who can convert a ciphertext encrypted under the delegator’s public key into one that can be decrypted using the delegatee’s private key. We address the identity-based proxy re-encryption scheme, where the delegator and the delegatee request keys from a trusted party known as a key generator center (KGC), who generates private keys for delegator and delegatee based on their identities. Meanwhile, the identity-based conditional proxy re-encryption scheme satisfies the properties of PRE including unidirectionality, non-interactivity and multi-hop. Additionally, the identity-based conditional proxy re-encryption scheme is efficient in terms of both the communication cost and the computing cost, and can realize security secret sharing in cloud computing environments.

A Novel Proxy Re-Encryption with Keyword Search

2014 ◽  
Vol 631-632 ◽  
pp. 897-901
Author(s):  
Xian Yong Meng ◽  
Zhong Chen ◽  
Xiang Yu Meng
Keyword(s):  
Cloud Computing ◽  
Keyword Search ◽  
Privacy Preserving ◽  
Public Key ◽  
Sensitive Data ◽  
Private Key ◽  
Identity Based ◽  
Computing Environments

In this paper, a novel proxy re-encryption (PRE) scheme with keyword search is proposed, where only the ciphertext containing the keyword set by the delegator can be transformed by the semi-trusted proxy and then decrypted by delegatee. In the proposed scheme, the semi-trusted proxy can convert the ciphertext encrypted under the delegator’s public key into the ciphertext encrypted under the delegatee’s public key. In addition, only the delegatee’s email gateway with a trapdoor can test whether or not a given cipheretext containing some keyword, but can learn nothing else about the sensitive data of email. We proposed an identity-based proxy re-encryption with keyword search scheme, where the delegator and the delegatee extract keys from a trusted party called the key generator center (KGC), who generates public-private key pair for delegator and delegatee based on their identities. Meanwhile, the identity-based proxy re-encryption with keyword search scheme satisfies the properties of PRE including unidirectionality, multi-use and transparency. Additionally, the proposed scheme is efficient in terms of both computation and communication, and can realize security privacy preserving in cloud computing environments.

Privacy-Preserving Decentralized Key-Policy Attribute-Based Signcryption in Cloud Computing Environments

2013 ◽  
Vol 475-476 ◽  
pp. 1144-1149
Author(s):  
Xian Yong Meng ◽  
Zhong Chen ◽  
Xiang Yu Meng
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Secret Sharing ◽  
Public Key ◽  
Control Scheme ◽  
Public Keys ◽  
Key Policy ◽  
Computing Environments ◽  
Attribute Based Access Control ◽  
Signcryption Scheme

In this paper, a novel decentralized key-policy attribute-based signcryption (ABS) scheme is proposed, where each authority can generate secret-public key pair for the user independently without any cooperation and a centralized authority. In the proposed scheme, each authority can join or leave the system randomly without reinitializing the system,and issue secret-public keys to user respectively. Therefore, it is clear that the multi-authority attribute-based access control scheme can reduce the communication cost and the collaborative computing cost. Additionally, the attribute-based signcryption scheme is efficient in terms of both the identification authentication and the confidential communication, and can realize security secret sharing in cloud computing environments.

HIERARCHICAL IDENTITY-BASED PROXY RE-ENCRYPTION WITHOUT RANDOM ORACLES

2010 ◽  
Vol 21 (06) ◽  
pp. 1049-1063 ◽  
Author(s):  
YANLI REN ◽  
DAWU GU ◽  
SHUOZHONG WANG ◽  
XINPENGU ZHANG
Keyword(s):  
Identity Authentication ◽  
Public Key ◽  
Key Generation ◽  
Encryption Scheme ◽  
Number Of Solutions ◽  
Organizational Hierarchy ◽  
Private Key ◽  
Random Oracles ◽  
Identity Based Encryption ◽  
Identity Based

In a proxy re-encryption scheme, a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. A number of solutions have been proposed in public key settings. Hierarchical identity-based cryptography is a generalization of identity-based encryption that mirrors an organizational hierarchy, which allows a root private key generator to distribute the workload by delegating private key generation and identity authentication to lower-level private key generators. In this paper, we propose a hierarchical identity-based proxy re-encryption (HIBPRE) scheme which achieves IND-PrID-CCA2 security without random oracles. This is the first HIBPRE scheme up to now, and our scheme satisfies unidirectionality, non-interactivity and permits multiple re-encryptions.

An Efficient Identity Based Encryption in Cloud Computing with Outsourced Revocation

2020 ◽  
pp. 72-82
Author(s):  
U. Vijay Sankar ◽  
M. Pavithra ◽  
R Suganya
Keyword(s):  
Cloud Computing ◽  
Cloud Service ◽  
Public Key Infrastructure ◽  
Third Party ◽  
Public Key ◽  
Public Key Encryption ◽  
Private Key ◽  
Identity Based Encryption ◽  
Identity Based ◽  
Key Update

Identity-Based Encryption (IBE) which simplifies the public key and certificate management at Public Key Infrastructure (PKI) is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the overhead computation at Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate [2]. It aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key generation related operations during key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for PKG and users to perform locally [3]. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bound the identity component and the time component [4]. Furthermore, we propose another construction which is provable secure under the recently formulized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction. In public key encryption every user must have a pair of keys, public key and private key, for encrypting and decrypting messages. An Identity-based encryption (IBE) eliminates the need for a Public Key Infrastructure (PKI). IBE uses the human intelligible identities (e.g., unique name, email address, IP address, etc) as public keys [5]. The sender using IBE encrypts message with the receivers’ identity rather than looking for receivers’ public key and corresponding certificate. Accordingly, receiver decrypts ciphertext using private key associated with the corresponding identity [6]. The private keys of users are obtained from a trusted third party called as Private Key Generator (PKG). The motivation of this paper is to study and review an efficient and secure Identity based encryption scheme with outsourced revocation for cloud computing [7].

scholarly journals BESTIE: Broadcast Encryption Scheme for Tiny IoT Equipment

Electronics ◽  
2020 ◽  
Vol 9 (9) ◽  
pp. 1389
Author(s):  
Jiwon Lee ◽  
Jihye Kim ◽  
Hyunok Oh
Keyword(s):  
The Other ◽  
Public Key ◽  
Broadcast Encryption ◽  
Encryption Scheme ◽  
The Public ◽  
Private Key ◽  
Diffie Hellman ◽  
The Standard Model ◽  
Encryption Decryption ◽  
Subset Difference

In public key broadcast encryption, anyone can securely transmit a message to a group of receivers such that privileged users can decrypt it. The three important parameters of the broadcast encryption scheme are the length of the ciphertext, the size of private/public key, and the performance of encryption/decryption. It is suggested to decrease them as much as possible; however, it turns out that decreasing one increases the other in most schemes. This paper proposes a new broadcast encryption scheme for tiny Internet of Things (IoT) equipment (BESTIE), minimizing the private key size in each user. In the proposed scheme, the private key size is O(logn), the public key size is O(logn), the encryption time per subset is O(logn), the decryption time is O(logn), and the ciphertext text size is O(r), where n denotes the maximum number of users, and r indicates the number of revoked users. The proposed scheme is the first subset difference-based broadcast encryption scheme to reduce the private key size O(logn) without sacrificing the other parameters. We prove that our proposed scheme is secure under q-Simplified Multi-Exponent Bilinear Diffie-Hellman (q-SMEBDH) in the standard model.

scholarly journals Research on User Identity Authentication Based on Two-way Confirmation in Data Transmission

2018 ◽  
Vol 173 ◽  
pp. 03019
Author(s):  
Qin Li ◽  
Caiming Liu ◽  
Siyuan Jing ◽  
Lijun Du
Keyword(s):  
Data Transmission ◽  
Identity Authentication ◽  
Public Key ◽  
Network Environment ◽  
The Public ◽  
Private Key ◽  
Identity Based ◽  
Set Up

User identity authentication is the foundation of data transmission in the complicated network environment. Moreover, the key issue is the effective identity authentication of both sides in data transmission. An authentication method for user identity based on two-way confirmation in data transmission is proposed in this paper. The public key, private key, information of traditional identity authentication, one-time transmission key, timestamp, authentication lifecycle for timestamp and other authentication elements are constructed. Based on guaranteeing the timeliness of data transmission, the two-way user identity authentication process for sending terminal and receiving terminal is set up through using the information of traditional identity authentication and one-time transmission key.

scholarly journals Certificateless Public Key Encryption Scheme with Hybrid Problems and Its Application to Internet of Things

2014 ◽  
Vol 2014 ◽  
pp. 1-9 ◽  
Author(s):  
Rui Guo ◽  
Qiaoyan Wen ◽  
Huixian Shi ◽  
Zhengping Jin ◽  
Hua Zhang
Keyword(s):  
Internet Of Things ◽  
Public Key Cryptography ◽  
Public Key ◽  
Encryption Scheme ◽  
Public Key Encryption ◽  
Certificateless Cryptography ◽  
Diffie Hellman ◽  
Identity Based ◽  
Certificate Management ◽  
Certificateless Public Key Encryption

Certificateless cryptography aims at combining the advantages of public key cryptography and identity based cryptography to avoid the certificate management and the key escrow problem. In this paper, we present a novel certificateless public key encryption scheme on the elliptic curve over the ring, whose security is based on the hardness assumption of Bilinear Diffie-Hellman problem and factoring the large number as in an RSA protocol. Moreover, since our scheme requires only one pairing operation in decryption, it is significantly more efficient than other related schemes. In addition, based on our encryption system, we also propose a protocol to protect the confidentiality and integrity of information in the scenario of Internet of Things with constrained resource nodes.

Pairing-Free Identity-Based Encryption with Authorized Equality Test in Online Social Networks

2019 ◽  
Vol 30 (04) ◽  
pp. 647-664
Author(s):  
Libing Wu ◽  
Yubo Zhang ◽  
Kim-Kwang Raymond Choo ◽  
Debiao He
Keyword(s):  
Social Networking ◽  
Online Social Networks ◽  
Keyword Search ◽  
Public Key ◽  
Encryption Scheme ◽  
Public Key Encryption ◽  
Identity Based Encryption ◽  
Identity Based ◽  
Equality Test ◽  
Chosen Ciphertext Attack

Online social networking applications have become more and more popular in the advance of the technological age. Much of our personal information has been disclosed in social networking activities and privacy-preserving still remains a research challenge in social network. Public key encryption scheme with equality test(PKEET), which is an extension of public key encryption with keyword search (PEKS), seems to be a solution. PKEET enables the tester to check whether two given ciphertexts are derived from the same plaintext. Recently, Zhu et al. proposed a pairing-free public key encryption scheme with equality test based on the traditional public key cryptosystem. However, it suffers from certificates management issue. In this paper, we propose a pairing-free identity-based encryption scheme with authorized equality test(PF-IBEAET). The PF-IBEAET scheme also provides fine-grained authorizations. We prove that the scheme is one way secure against chosen identity and chosen ciphertext attack (OW-ID-CCA) and indistinguishable against chosen-identity and chosen-ciphertext attack (IND-ID-CCA) in the random oracle model (ROM). Performance analysis shows that the scheme achieves a better performance than similar schemes.

Sign in / Sign up

Export Citation Format

Share Document