Achieving flexibility for ABE with outsourcing via proxy re-encryption

Zuoxia Yu, Man Ho Au, Rupeng Yang, Junzuo Lai, Qiuliang Xu

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

2 Citations (Scopus)


Outsourcing the decryption of attribute-based encryption (ABE) ciphertext is a promising way to tackle the question of how users can perform decryption efficiently. However, existing solutions require the type of the target ciphertext to be determined at the setup of the outsourcing scheme. As such, making the target cryptosystems (or the clients) to be versatile becomes an issue that warrants investigations. In this paper, the problem we wish to tackle is to transform an ABE ciphertext to any client who is using the same, or possibly different, public-key encryption (PKE) system with the sender. The problem is of practical interest since it is hard to require all clients to use the same PKE, especially in the case of remote and cross-system data sharing. In addition, we also consider whether robust client-side decryption scheme can be adopted. This feature is not supported in the existing ABE with outsourcing. We introduce cross-system proxy re-encryptions (CS-PRE), a new re-encryption paradigm in which a semi-trusted proxy converts a ciphertext of a source cryptosystem (Π0) into a ciphertext for a target cryptosystem (Π). We formalize CS-PRE and present a construction that performs well in the following aspects. (1)Ver-satility: Π0 can be any attribute-based encryption (ABE) within Attrapadung's pair encoding framework. Π can be any public-key encryption. Furthermore, the keys and public parameters can be generated independently. (2) Compatibility: CS-PRE does not modify the public parameters and keys of Π0 and Π. Besides, input for the conversion is an ordinary ciphertext of Π0. (3) Efficiency: The computational cost for re-encryption and decryption of the re-encrypted ciphertext are roughly the same as a decryption in Π0 and Π respectively. We prove that our construction is fully secure assuming Π0 is secure in Attrapadung's framework and Π is IND-CPA secure. Furthermore, it remains secure when there are multiple target cryptosystems. As with other proxy re-encryption, CS-PRE enables flexible sharing of cloud data, as the owner can instruct the cloud server to re-encrypt his ciphertext to those for the intended recipient. In addition, it allows lightweight devices to enjoy access to remote data encrypted under powerful but possibly costly encryption, such as functional encryption, by utilizing the server's power in converting the ciphertext to a simpler encryption, such as RSA-OAEP. Finally, instances of CS-PRE can be viewed as new proxy re-encryption schemes, such as a PRE supporting ABE for regular language to Hierarchical IBE or Doubly Spatial Encryption to lattice-based encryptions (e.g. NTRUCCA).

Original languageEnglish
Title of host publicationASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery, Inc
Number of pages14
ISBN (Electronic)9781450355766
Publication statusPublished - 29 May 2018
Event13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 - Incheon, Korea, Republic of
Duration: 4 Jun 20188 Jun 2018

Publication series

NameASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security


Conference13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Country/TerritoryKorea, Republic of


  • Attribute-based encryption
  • Cross-system
  • Pair encoding
  • Proxy re-encryption
  • Public-key encryption

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Software


Dive into the research topics of 'Achieving flexibility for ABE with outsourcing via proxy re-encryption'. Together they form a unique fingerprint.

Cite this