Broadcast Proxy Reencryption Based on Certificateless Public Key Cryptography for Secure Data Sharing

Broadcast proxy reencryption (BPRE), which combines broadcast encryption (BE) and proxy reencryption (PRE), is a technology used for the redistribution of data uploaded on the cloud to multiple users. BPRE reencrypts data encrypted by the distributor and then uploads it to the cloud into a ciphertext that at a later stage targets multiple recipients. As a result of this, flexible data sharing is possible for multiple recipients. However, various inefficiencies and vulnerabilities of the BE, such as the recipient anonymity problem and the key escrow problem, also creep into BPRE. Our aim in this study was to address this problem of the existing BPRE technology. The partial key verification problem that appeared in the process of solving the key escrow problem was solved, and the computational efficiency was improved by not using bilinear pairing, which requires a lot of computation time.

Privacy-Preserving Scheme in the Blockchain Based on Group Signature with Multiple Managers

Group signature can provide the privacy-preserving authentication mechanism for the blockchain. In the traditional blockchain privacy-preserving scheme based on the group signature, there is only one group manager to revoke the anonymity. Thus, the traditional scheme will have single point of failure and key escrow problems. To solve these problems, we propose a privacy-preserving scheme in the blockchain based on the group signature with multiple managers. Our scheme is constructed based on bilinear pairing and the technique of distributed key generation. Finally, we analyze the application of the proposed scheme in the field of blockchain-based provable data possession (PDP), as well as the correctness and security of the scheme.

A Privacy Preserving and Efficient Multi Authority – CP-ABE Scheme for Secure Cloud Communication

In the cloud computing environment, Multi authority Ciphertext Policy-Attribute Based Encryption (CP-ABE) schemes are used as a key escrow free solution to securely and efficiently share data over cloud. However, the length of ciphertext in existing Multi Authority-CP-ABE schemes increases with the number of attributes in the access policy. Moreover, these schemes do not protect against dishonest attribute authorities. In this paper, a constant length ciphertext Multi Authority-CP-ABE scheme is proposed that reduces the communication overhead over the network. The scheme also prevents dishonest authority from compromising the system. Apart from this, for enhanced privacy of receivers, the access policy is communicated in hidden form. Thus, the presented scheme provides an efficient corrupt resistant, key escrow free Multi Authority-CP-ABE scheme by generating constant length ciphertext and hidden access structure. Results demonstrate the enhanced security and reduced cost of encryption and decryption by 8% and 48% respectively as compared to other existing works.

Improved Identity Based Encryption System (IIBES): A Mechanism for Eliminating the Key-Escrow Problem

A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identity-based cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack. Doi: 10.28991/esj-2021-01259 Full Text: PDF

An Efficient and Secure Certificateless Aggregate Signature From Bilinear Maps

Certificateless signature schemes are a very intriguing aspect in information security because of its capability of removing the well-known key escrow problem predominately in ID-based cryptography. He et al. proposed an efficient certificateless aggregate signature scheme and proved that their scheme is secure against all possible types of security attacks. However, the authors still managed to find loopholes in the form of insecurities against ‘honest but curious' and ‘malicious but passive' attacks during cryptanalysis of He et al.'s scheme. The authors propose an efficient certificateless aggregate signature scheme which fills the security gaps in He et al.'s scheme and demonstrate the security in their scheme via a mathematical proof, and reinforce the fact that their scheme is much more efficient in a thorough performance comparison of their scheme against the previous schemes.