Abstract
The ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) scheme supports access control and can transform a ciphertext under an access policy to a ciphertext under another access policy without decrypting the ciphertexts, which is flexible and efficient for cloud sharing. The existing CP-ABPRE schemes are constructed by bilinear pairing or multi-linear maps which are fragile when the post-quantum future comes. This paper presents an efficient unidirectional single-hop CP-ABPRE scheme with small public parameters from a lattice. For the transformation between two access structures, they are required to be disjoint. This paper uses the trapdoor sampling technique to generate the decryption key and the re-encryption key in constructing the scheme, and uses the decompose vectors technique to produce the re-encrypted ciphertexts in order to control their noise. Finally, we extended the scheme to a unidirectional single-hop CP-ABPRE scheme with keyword search for searching the encrypted data. Both schemes were proved secure under the learning with errors assumption, which is widely believed to be secure in quantum computer attacks. To the best of our knowledge, our scheme is the first CP-ABPRE scheme based on the learning with errors assumption.
Highlights
The encryption of cloud data can protect the security of data effectively
(2) We constructed a CP-attribute-based proxy re-encryption (ABPRE) scheme based on the new CP-Attribute-based encryption (ABE) scheme by using trapdoor sampling from learning with errors (LWE), which is widely believed to be secure in quantum computer attacks
(3) Compared with the Proxy re-encryption (PRE) based on LWE, our scheme is the first CP-ABPRE scheme based on LWE
Summary
The encryption of cloud data can protect the security of data effectively. There are two types of encryption system: symmetric and asymmetric. By assigning common attributes of these decryptors, a user can use ABE to encrypt data and store the encrypted data in the cloud for sharing data, protecting privacy, and obtaining fine-grained access control. (private key) is associated with an access structure W over attributes, and the private key can decrypt the ciphertext if and only if S satisfies W. Using CP-ABE, a user (e.g., Alice) can encrypt her data under access structure W, any user with attribute S can decrypt the encrypted data, where S satisfies W. If Alice wants to share the encrypted data with Bob, but the attribute set of Bob does not satisfy W, Bob can not get them from the cloud. Alice needs to download and decrypt the ciphertext, and encrypt the data with another access structure W 0. CP-ABPRE with keyword search (CP-ABPRE-KS), which can achieve the data sharing effectively, but can search the encrypted data
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
