Delegation Scheme based on Proxy Re-encryption in Cloud Environment

Similar documents
Inter-domain Identity-based Proxy Re-encryption

Group-based Proxy Re-encryption Scheme Secure against Chosen Ciphertext Attack

A compact Aggregate key Cryptosystem for Data Sharing in Cloud Storage systems.

An IBE Scheme to Exchange Authenticated Secret Keys

Attribute-based encryption with encryption and decryption outsourcing

On the Security of a Certificateless Public-Key Encryption

Vol-3 Issue INTRODUCTION IJARIIE-ISSN (O)

ZigBee Security Using Attribute-Based Proxy Re-encryption

REMOVE KEY ESCROW FROM THE IDENTITY-BASED ENCRYPTION SYSTEM

Collusion-Resistant Identity-based Proxy Re-encryption

Identity-Based Threshold Cryptography for Electronic Voting

IMPLEMENTATION OF E-HEALTH CLOUD SYSTEM USING TIMING ENABLED PROXY RE-ENCRYPTION FUNCTION (RE-DTPECK)

An Encryption Scheme for a Secure Policy Updating

Verifiably Encrypted Signature Scheme with Threshold Adjudication

Secure Data Storage and Data Retrieval in Cloud Storage using Cipher Policy Attribute based Encryption

Remove Key Escrow from The Identity-Based Encryption System

MTAT Research Seminar in Cryptography IND-CCA2 secure cryptosystems

Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing

CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts

On the Security of Group-based Proxy Re-encryption Scheme

Multi-authority attribute based encryption with honest-but-curious central authority

Key-Policy Attribute-Based Encryption

ID-Based Multi-Proxy Signature and Blind Multisignature from Bilinear Pairings

Brief Introduction to Provable Security

A New Hierarchical ID-Based Cryptosystem and CCA-Secure PKE

Conjunctive Keyword Search with Designated Tester and Timing Enabled Proxy Re-Encryption Function for Electronic Health Cloud

On the Security of an Efficient Group Key Agreement Scheme for MANETs

Delegatability of an Identity Based Strong Designated Verifier Signature Scheme

Security Analysis of Batch Verification on Identity-based Signature Schemes

Security Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13

Inter-Domain Identity-based Authenticated Key Agreement Protocol from the Weil Pairing

An Efficient ID-KEM Based On The Sakai Kasahara Key Construction

Hierarchical Identity-Based Online/Offline Encryption

A Hierarchical Key Management Scheme for Wireless Sensor Networks Based on Identity-based Encryption

Simple and Efficient Threshold Cryptosystem from the Gap Diffie-Hellman Group

Multi-authority attribute based encryption with honest-but-curious central authority

Towards Secure Virtual Machine Migration in Vehicular Cloud Environment

HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES

ISSN: (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies

Public Key Broadcast Encryption

Enhancing Reliability and Scalability in Dynamic Group System Using Three Level Security Mechanisms

Improved Delegation Of Computation Using Somewhat Homomorphic Encryption To Reduce Storage Space

Elastic Block Ciphers: The Feistel Cipher Case

Keywords: Multi-authority attribute based encryption, key policy, ciphertext policy, central authority free

Identity-Based Proxy Re-Encryption

ADVANCES in NATURAL and APPLIED SCIENCES

An improved pairing-free identity-based authenticated key agreement protocol based on ECC

LIGHTWEIGHT TRUSTED ID-BASED SIGNCRYPTION SCHEME FOR WIRELESS SENSOR NETWORKS

Group Authentication Using The Naccache-Stern Public-Key Cryptosystem

Implementation of IBE with Outsourced Revocation technique in Cloud Computing

Practical RSA Threshold Decryption for Things That Think

Improved Multi-Dimensional Meet-in-the-Middle Cryptanalysis of KATAN

Session Based Ciphertext Policy Attribute Based Encryption Method for Access Control in Cloud Storage

A Mutual Authentication Protocol Which Uses Id for Security from Privileged Insider Attacks

Cryptographic Concepts

ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM

Improved Multi-Dimensional Meet-in-the-Middle Cryptanalysis of KATAN

Key Escrow free Identity-based Cryptosystem

Secure Data Sharing in Cloud Computing: Challenges and Research Directions

Attribute Based Encryption with Privacy Protection in Clouds

An Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing

Efficient Compilers for Authenticated Group Key Exchange

Three Levels of Access Control to Personal Health Records in a Healthcare Cloud

A General Analysis of the Security of Elastic Block Ciphers

Cryptanalysis on Two Certificateless Signature Schemes

Cryptographic Systems

Meet-in-the-middle Attack on the 6-round Variant of the Block Cipher PRINCE

Dual-server public-key encryption with keyword search for secure cloud storage

SECURE SYSTEM USING S/MIME AND IB-PKC

Cascaded Authorization with Anonymous-Signer Aggregate Signatures

An Efficient Certificateless Proxy Re-Encryption Scheme without Pairing

CS408 Cryptography & Internet Security

Security of Identity Based Encryption - A Different Perspective

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Efficient Multi-receiver identity-based encryption and its application to broadcast encryption

Encryption Details COMP620

Public-Key Cryptanalysis

Insecurity of an Dynamic User Revocation and Key Refreshing for Attribute-Based Encryption Scheme

Security Analysis of Shim s Authenticated Key Agreement Protocols from Pairings

A Novel Identity-based Group Signature Scheme from Bilinear Maps

Secure Conjunctive Keyword Searches For Unstructured Text

Authenticated Deniable Internet Key Exchange

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

On the Diculty of Software Key Escrow. Abstract. At Eurocrypt'95, Desmedt suggested a scheme which allows individuals to encrypt

Nowadays, online social networks are on the boom. Everyday application developers come up with new social

arxiv: v1 [cs.cr] 17 Jun 2012

Extended Diffie-Hellman Technique to Generate Multiple Shared Keys at a Time with Reduced KEOs and its Polynomial Time Complexity

A Two-Fold Authentication Mechanism for Network Security

ID-based cryptography using symmetric primitives

Key Exchange. Secure Software Systems

(In)security of ecient tree-based group key agreement using bilinear map

Chongqing, China. *Corresponding author. Keywords: Wireless body area network, Privacy protection, Data aggregation.

Group Oriented Identity-Based Deniable Authentication Protocol from the Bilinear Pairings

Cascaded Authorization with Anonymous-Signer Aggregate Signatures

EFFICIENT REVOCATION AND SECURE ATTRIBUTE-BASED PROXY RE-ENCRYPTION SCHEME

Proxy re encryption schemes for IoT and crowd sensing

Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption

A Novel Model for Encryption of Telugu Text Using Visual Cryptography Scheme

Sensitive Information Protection on Mobile Devices Using General Access Structures

PROGRAM obfuscation is the process of making it unintelligible

Transcription:

Vol.133 (Information Technology and Computer Science 2016), pp.122-126 http://dx.doi.org/10.14257/astl.2016. Delegation Scheme based on Proxy Re-encryption in Cloud Environment You-Jin Song Department of Management, Dongguk University, 707 Seokjang-dong, Gyeongju, Gyeongsangbuk-do, 780-714, Korea {song@dongguk.ac.kr} Corresponding Author : song@dongguk.ac.kr Abstract. In existing PRE system, there are restrictions according to disagreement on delegation, delegatee and proxy s collusion possibility. Therefore a system to adjust decryption privilege delegated to a delegatee using multi-proxy is required. This study defines a multi-proxy re-encryption technique based on quorum controlled asymmetric PRE under the agreement of proxy with more than threshold. Keywords: Threshold delegation, Proxy re-encryption, Multi proxy, Cloud. 1 Introduction In and outside of public institutions, the demand for secondary use of personal health information recently increases, due to research purpose and so on. Secondary use means patient s personal health data is used for the purpose other than treatment. Namely, it means using personal health information without direct bearings with treatment. For instance, let s assume that a researcher of a local non-profit organization wants to look at the records of all patients treated for breast cancer last year, since the researcher researches cancer treatment. To read/inspect patients records, the relevant personal information needs to be removed so that the researcher cannot identify who the patients are. In doing so, such an act should be consented by each patient. The researcher needs to receive a waiver from the organizations allowing the disclosure of records without removing personal information, such as institutional review board and privacy commission. This study proposes a proxy re-encryption system through which medical information can be utilized in and outside of a medical institution through the permission of record disclosure by the institutional review board and privacy commission playing a multi-prosy role. ISSN: 2287-1233 ASTL Copyright 2016 SERSC

2 Related Research 2.1 Bilinear Maps The bilinear map ( is output space of bilinear map) has the following properties on two cyclic groups. [7] Bilinear: is established on all, and all. Nondegenerate: on the generator. Computable: An efficient algorithm computing on all and exists. 2.2 ID-based Cryptography System ID-based cryptography system [1] is a system using receiver s ID upon encryption. It is a system for a cryptogram receiver to decrypt by drawing private key from PKG. IDbased cryptography system was proposed by A Shamir in 1984 for the first time. Under the assumption that computation of an assumption problem is difficult, it was proved that it is safe from CAP (chosen plaintext attack) in a random Oracle model. EDH (Bilinear Diffie-Hellman) assumption, which becomes the ID-based cryptography system s basis of safety, can be reviewed as follows. [7] - Decisional BDH Assumption Set up T G randomly. and cannot be identified with more than 1/2 probability by algorithm within polynomial time. - Computational BDH Assumption Set up randomly. cannot be computed by algorithm within polynomial time. 2.3 Proxy Re-encryption A variety of modes delegating decryption privilege are proposed through proxy reencryption (PRE). [2][3][4] PRE is a technique to conduct re-encryption with a re-encryption key so that decryption of cryptogram encrypted with delegator s public key becomes possible using delegatee s private key. Proxy may exclude a possibility of delegator s private key exposure by re-encryption without decryption of delegator s ciphertext. Copyright 2016 SERSC 123

2.4 Dynamic Threshold Cryptography[6] The participants agree to use and generator together. Compute public key after selecting private key. Deliver a message to a receiver through encryption as follows, and compute and after selecting random. Select a random polynomial expression, where. Compute share with each participant s eigen value. A sender outputs. Concerning the attributes subset granted with the privilege of participants with more than threshold t, each participant computes the value of and sends it to the sender for decryption. The sender can calculate, the original message by calculating the inverse number, after computing. The proposed system is to divide with, value computed with random polynomial expression, based on proxy s ID. After each proxy computes, ( ) value is restored through the set of quorum servers with more than threshold k. 3 Proposed Scheme An ID-based multi-proxy re-encryption technique divides part of cryptogram encrypted with delegator s ID as share using multi proxy s ID. It is to generate part of re-encrypted cryptogram (U') with restored value by a certain share, and to re-encrypt it so that the restored part can be decrypted with delegatee s private key through re-encryption key (rk). 124 Copyright 2016 SERSC

3.1 Overview Fig. 1. Proposed Scheme In [Figure 1], a patient (delegator) computes random to delegate privilege to an institution and individual (delegate), and generates a cryptogram using and. The delegator sends the cryptogram to a policy administrator, and also sends the share value on using proxies IDs to the institutional review board and privacy commission. When an agreement on the value having more than threshold, send the generated value ( ) to the policy administrator, generate the re-encrypted cryptogram using, once final decision is made according to the policy. And then send it to the researcher who utilizes the secondary use. The researcher receiving the re-encrypted cryptogram can decrypt it through his/her own private key. 4 Conclusions This study proposed a system utilizing the secondary use of medical data safely by using an ID-based multi-proxy re-encryption technique. As a further task, various sharing schemes, such as an XOR secret sharing scheme and a secret sharing system that can be re-used, need to be applied for more efficient sharing. A study on differentiation of multi-proxy s share restoring capacity, namely on proxy stratification by awarding weighted values is planned to be undertaken. Copyright 2016 SERSC 125

Acknowledgments This work was supported by the Dongguk University Research Fund of 2016. References 1. D. Boneh and M. Franklin, Identity based encryption from the Weil pairing, Proc. of Crypto 2001, LNCS 2139, Springer-Verlag, pp. 213-229, 2001. 2. M. Green and G. Ateniese, Identity-based proxy re-encryption, Cryptology eprint Archive, Report 2006/473, 2006. 3. Y. Dodis and A. Ivan, Proxy cryptography revisited, In Network and Distributed System Security Symposium, February 2003. 4. L Ibraimi, Q Tang, P Hartel, W Jonker, A Type-and-Identity-based Proxy Re-Encryption Scheme and its Application in Healthcare, Lecture Notes in Computer Science, 2008. 5. DE Geer, M Yung, Split-and-delegate: Threshold cryptography for the masses, Lecture Notes in Computer Science, 2003. 6. M Jakobsson, On quorum controlled asymmetric proxy re-encryption, Lecture notes in computer science, 1999 7. Hossein Ghodosi, Josef Pieprzyk, Rei Safavi-Naini, Dynamic Threshold Cryptosystems(A New Scheme in Group Oriented Cryptography), Proceedings of PRAGOCRYPT 126 Copyright 2016 SERSC

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback