Recently, a number of extended Proxy Re-Encryptions (PRE), e.g. Conditional (CPRE), Identity-Based PRE (IPRE) and Broadcast PRE (BPRE), have been proposed for flexible applications. By incorporating CPRE, IPRE and BPRE, this paper proposes a verstatile primitive referred to as Conditional Identity-based Broadcast PRE (CIBPRE) and formalizes its semantic security. CIBPRE allows a sender to encrypt a message to multiple receivers by specifying these receivers' identities, and the sender can delegate a re-encryption key to a proxy so that he can convert the initial ciphertext into a new one to a new set of intended receivers. Moreover, the re-encryption key can be associated with a condition such that only the matching ciphertexts can be re-encrypted, which allows the original sender to enforce access control over his remote ciphertexts in a fine-grained manner. We propose an efficient CIBPRE scheme with provable security. In the instantiated scheme, the initial ciphertext, the re-encrypted ciphertext and the re-encryption key are all in constant size, and the parameters to generate a re-encryption key is independent of the original receivers of any initial ciphertext. Finally, we show an application of our CIBPRE to secure cloud email system advantageous over existing secure email systems based on Pretty Good Privacy protocol or Identity-Based Encryption.[4], [5], [6], [7], [8] were proposed so that the receivers' recognizable identities can serve as public keys. Instead of fetching and verifying the receivers' certificates, the sender and the proxy just need to know the receivers' identities, which is more convenient in practice.PRE and IPRE allows a single receiver. If there are more receivers, the system needs to invoke PRE or IPRE multiple times. To address this issue, the concept of Broadcast PRE (BPRE) has been proposed [9]. BPRE works in a similar way as PRE and IPRE but more versatile. In contrast, BPRE allows a sender to generate an initial ciphertext to a receiver set, instead of a single receiver. Further, the sender can delegate a re-encryption key associated with another receiver set so that the proxy can re-encrypt to.The above PRE schemes only allows the re-encryption procedure is executed in an all-or-nothing manner. The proxy can either re-encrypt all the initial ciphertexts or none of them. This coarse-gained control over ciphertexts to be re-encrypted may limit the application of PRE systems. To fill this gap, a refined concept referred to as Conditional PRE (CPRE) has been proposed. In CPRE schemes [6], [7], [8], [9], [10], [11], [12], [13], a sender can enforce fine-grained re-encryption control over his initial ciphertexts. The sender achieves this goal by associating a condition with a re-encryption key. Only the ciphertexts meeting the specified condition can be re-encrypted by the proxy holding the corresponding reencryption key.A recent conditional proxy broadcast re-encryption scheme [14] allows the senders to control the time to reencrypt their initial ciphertexts. When a sender generat...
The industrial Internet of Things is flourishing, which is unprecedentedly driven by the rapid development of wireless sensor networks (WSNs) with the assistance of cloud computing. The new wave of technology will give rise to new risks to cyber security, particularly the data confidentiality in cloud-assisted WSNs (CWSNs). Searchable public-key encryption (SPE) is a promising method to address this problem. In theory, it allows sensors to upload public-key ciphertexts to the cloud, and the owner of these sensors can securely delegate a keyword search to the cloud and retrieve the intended data while maintaining data confidentiality. However, all existing and semantically secure SPE schemes have expensive costs in terms of generating ciphertexts and searching keywords. Hence, this paper proposes a lightweight SPE (LSPE) scheme with semantic security for CWSNs. LSPE reduces a large number of the computation-intensive operations that are adopted in previous works; thus, LSPE has search performance close to that of some practical searchable symmetric encryption schemes. In addition, LSPE saves considerable time and energy costs of sensors for generating ciphertexts. Finally, we experimentally test LSPE and compare the results with some previous works to quantitatively demonstrate the above advantages.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.