TY - GEN
T1 - Achieving flexibility for ABE with outsourcing via proxy re-encryption
AU - Yu, Zuoxia
AU - Au, Man Ho
AU - Yang, Rupeng
AU - Lai, Junzuo
AU - Xu, Qiuliang
N1 - Publisher Copyright:
© 2018 Association for Computing Machinery.
PY - 2018/5/29
Y1 - 2018/5/29
N2 - Outsourcing the decryption of attribute-based encryption (ABE) ciphertext is a promising way to tackle the question of how users can perform decryption efficiently. However, existing solutions require the type of the target ciphertext to be determined at the setup of the outsourcing scheme. As such, making the target cryptosystems (or the clients) to be versatile becomes an issue that warrants investigations. In this paper, the problem we wish to tackle is to transform an ABE ciphertext to any client who is using the same, or possibly different, public-key encryption (PKE) system with the sender. The problem is of practical interest since it is hard to require all clients to use the same PKE, especially in the case of remote and cross-system data sharing. In addition, we also consider whether robust client-side decryption scheme can be adopted. This feature is not supported in the existing ABE with outsourcing. We introduce cross-system proxy re-encryptions (CS-PRE), a new re-encryption paradigm in which a semi-trusted proxy converts a ciphertext of a source cryptosystem (Π0) into a ciphertext for a target cryptosystem (Π). We formalize CS-PRE and present a construction that performs well in the following aspects. (1)Ver-satility: Π0 can be any attribute-based encryption (ABE) within Attrapadung's pair encoding framework. Π can be any public-key encryption. Furthermore, the keys and public parameters can be generated independently. (2) Compatibility: CS-PRE does not modify the public parameters and keys of Π0 and Π. Besides, input for the conversion is an ordinary ciphertext of Π0. (3) Efficiency: The computational cost for re-encryption and decryption of the re-encrypted ciphertext are roughly the same as a decryption in Π0 and Π respectively. We prove that our construction is fully secure assuming Π0 is secure in Attrapadung's framework and Π is IND-CPA secure. Furthermore, it remains secure when there are multiple target cryptosystems. As with other proxy re-encryption, CS-PRE enables flexible sharing of cloud data, as the owner can instruct the cloud server to re-encrypt his ciphertext to those for the intended recipient. In addition, it allows lightweight devices to enjoy access to remote data encrypted under powerful but possibly costly encryption, such as functional encryption, by utilizing the server's power in converting the ciphertext to a simpler encryption, such as RSA-OAEP. Finally, instances of CS-PRE can be viewed as new proxy re-encryption schemes, such as a PRE supporting ABE for regular language to Hierarchical IBE or Doubly Spatial Encryption to lattice-based encryptions (e.g. NTRUCCA).
AB - Outsourcing the decryption of attribute-based encryption (ABE) ciphertext is a promising way to tackle the question of how users can perform decryption efficiently. However, existing solutions require the type of the target ciphertext to be determined at the setup of the outsourcing scheme. As such, making the target cryptosystems (or the clients) to be versatile becomes an issue that warrants investigations. In this paper, the problem we wish to tackle is to transform an ABE ciphertext to any client who is using the same, or possibly different, public-key encryption (PKE) system with the sender. The problem is of practical interest since it is hard to require all clients to use the same PKE, especially in the case of remote and cross-system data sharing. In addition, we also consider whether robust client-side decryption scheme can be adopted. This feature is not supported in the existing ABE with outsourcing. We introduce cross-system proxy re-encryptions (CS-PRE), a new re-encryption paradigm in which a semi-trusted proxy converts a ciphertext of a source cryptosystem (Π0) into a ciphertext for a target cryptosystem (Π). We formalize CS-PRE and present a construction that performs well in the following aspects. (1)Ver-satility: Π0 can be any attribute-based encryption (ABE) within Attrapadung's pair encoding framework. Π can be any public-key encryption. Furthermore, the keys and public parameters can be generated independently. (2) Compatibility: CS-PRE does not modify the public parameters and keys of Π0 and Π. Besides, input for the conversion is an ordinary ciphertext of Π0. (3) Efficiency: The computational cost for re-encryption and decryption of the re-encrypted ciphertext are roughly the same as a decryption in Π0 and Π respectively. We prove that our construction is fully secure assuming Π0 is secure in Attrapadung's framework and Π is IND-CPA secure. Furthermore, it remains secure when there are multiple target cryptosystems. As with other proxy re-encryption, CS-PRE enables flexible sharing of cloud data, as the owner can instruct the cloud server to re-encrypt his ciphertext to those for the intended recipient. In addition, it allows lightweight devices to enjoy access to remote data encrypted under powerful but possibly costly encryption, such as functional encryption, by utilizing the server's power in converting the ciphertext to a simpler encryption, such as RSA-OAEP. Finally, instances of CS-PRE can be viewed as new proxy re-encryption schemes, such as a PRE supporting ABE for regular language to Hierarchical IBE or Doubly Spatial Encryption to lattice-based encryptions (e.g. NTRUCCA).
KW - Attribute-based encryption
KW - Cross-system
KW - Pair encoding
KW - Proxy re-encryption
KW - Public-key encryption
UR - http://www.scopus.com/inward/record.url?scp=85049212578&partnerID=8YFLogxK
U2 - 10.1145/3196494.3196557
DO - 10.1145/3196494.3196557
M3 - Conference article published in proceeding or book
AN - SCOPUS:85049212578
T3 - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
SP - 659
EP - 672
BT - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
PB - Association for Computing Machinery, Inc
T2 - 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Y2 - 4 June 2018 through 8 June 2018
ER -