A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing

Kaitai Liang, Man Ho Allen Au, Joseph K. Liu, Willy Susilo, Duncan S. Wong, Guomin Yang, Tran Viet Xuan Phuong, Qi Xie

Research output: Journal article publicationJournal articleAcademic researchpeer-review

100 Citations (Scopus)


In this paper, for the first time, we define a general notion for proxy re-encryption (PRE), which we call deterministic finite automata-based functional PRE (DFA-based FPRE). Meanwhile, we propose the first and concrete DFA-based FPRE system, which adapts to our new notion. In our scheme, a message is encrypted in a ciphertext associated with an arbitrary length index string, and a decryptor is legitimate if and only if a DFA associated with his/her secret key accepts the string. Furthermore, the above encryption is allowed to be transformed to another ciphertext associated with a new string by a semitrusted proxy to whom a re-encryption key is given. Nevertheless, the proxy cannot gain access to the underlying plaintext. This new primitive can increase the flexibility of users to delegate their decryption rights to others. We also prove it as fully chosen-ciphertext secure in the standard model.
Original languageEnglish
Article number6873259
Pages (from-to)1667-1680
Number of pages14
JournalIEEE Transactions on Information Forensics and Security
Issue number10
Publication statusPublished - 1 Oct 2014


  • chosen-ciphertext security
  • Functional encryption
  • functional proxy re-encryption

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing'. Together they form a unique fingerprint.

Cite this