Proxy re-encryption for fine-grained access control: Its applicability, security under stronger notions and performance

Abstract

Proxy Re-encryption (PRE) offers an efficient solution for enforcing access control on outsourced data through delegation of decryption rights of a delegator to a delegatee. However, to meet practical security requirements of an access control model, the delegator must control these delegations such that a re-encryption key enables the delegation of decryption rights of only a subset of the delegator’s ciphertexts. In this paper, we focus on a category of PRE-based primitives, which we refer to as “PRE with controlled delegation”. In these primitives, instead of the re-encryption key alone, the re-encryption key and authorization of the delegatee for a data item collectively determine whether the ciphertext transformation results in a valid re-encrypted ciphertext under the delegatee’s public key. This paper provides an exhaustive functional, security and performance analysis of all the existing schemes for PRE with controlled delegation in a concrete fine-grained access control model. We show that the traditional PRE security notions are insufficient to address all the security aspects of the access control model. Motivated by our analysis, we formulate stronger security notions and state the desirable efficiency requirements for PRE schemes applicable in the concrete fine-grained access control model. We show the validity of the proposed security notions by formally proving the insecurity of a conventional PRE scheme and security of one of the PRE schemes with controlled delegation under the proposed stronger PRE security notions. We critically analyze all schemes for PRE with controlled delegation under the proposed stronger security notions and with respect to the efficiency requirements. We show that no scheme for PRE with controlled delegation simultaneously satisfies the efficiency and security requirements formulated in this paper. Finally, we present possible future research directions to obtain a PRE-based solution that is secure under the proposed stronger security notions and satisfies all desirable performance requirements in a fine-grained access control model.