Proxy Re-Encryption: Analysis of constructions and its application to secure access delegation

Nuez, David; Agudo, Isaac; López, Javier

doi:10.1016/j.jnca.2017.03.005

Cited by 59 publications

(30 citation statements)

References 72 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Despite using other articles, the researchers did not explore the quantitative techniques that the other researchers used and as such could not ascertain whether the reviewed or cited papers were biased or not. Many other reviews also focused on the descriptive aspects of the di erent encryptions and data security in cloud computing, especially with respect to big data and data science in general [24,20,25]. Sharma [26] and Vivekanand [27] also conducted reviews on security challenges and the homomorphic encryption related solutions and described some of the existing solutions.…”

Section: Contributionmentioning

confidence: 99%

A systematic review on the status and progress of homomorphic encryption technologies

Alloghani

Alani

Al‐Jumeily

et al. 2019

Journal of Information Security and Applications

View full text Add to dashboard Cite

With the emergence of big data and the continued growth in cloud computing applications, serious security and privacy concerns emerged. Consequently, several researchers and cybersecurity experts have embarked on a quest to extend data encryption to big data systems and cloud computing applications. As most cloud users turn to using public cloud services, confidentiality becomes and even more complicated issue. Cloud clients storing their data on a public cloud always seek solutions to confidentiality problem. Homomorphic encryption emerged as a possible solution where client's data is encrypted on the cloud in a way that allows some search and manipulation operations without proper decryption. In this paper, we present a systematic review of research paper published in the field of homomorphic encryption. This paper uses PRISMA checklist alongside some items of Cochrane's Quality Assessment to review studies retrieved from various resources. It was highly noticeable in the reviewed papers that security in big data and cloud computing has received most attention. Most papers suggested the use of homomorphic encryption although the thematic analysis has identified other potential concerns. Regarding the quality of the articles, 38% of the articles failed to meet three checklist items, including explicit statement of research objectives, procedure recognition and sources of funding used in the study. The review also presented compendium textual analysis of di erent homomorphic encryption algorithms, application areas, and areas of future developments. Results of the evaluation through PRISMA and the Cochrane tool showed that a majority of research articles discussed the potential use and application of Homomorphic Encryption as a solution to the growing demands of big data and absence of security and privacy mechanisms therein. This was evident from 26 of the total 59 articles that met the inclusion criteria. The term Homomorphic Encryption appeared 1802 times in the word cloud derived from the selected articles, which speaks of its potential to ensure security and privacy, while also preserving the CIA triad in the context of big data and cloud computing.

show abstract

Section: Contributionmentioning

confidence: 99%

A systematic review on the status and progress of homomorphic encryption technologies

Alloghani

Alani

Al‐Jumeily

et al. 2019

Journal of Information Security and Applications

View full text Add to dashboard Cite

show abstract

“…PRE enables the delegation of decryption rights by a delegator to a delegatee through an intervening proxy [60-63]. The notion is quite intuitive and shown in Figure 3.…”

Section: Introductionmentioning

confidence: 99%

“…Bob requests a re-encryption key to facilitate decryption of Alice’s ciphertext without exposing either party’s secret information. PRE has been generally deployed in the cloud [63-70] for network storage [60], distributed file systems [71], email forwarding [65,71], and information exchange [72]. In health care, it has been suggested to safeguard patient data and identities in cloud-based systems [73,74], secure mobile health monitoring and telehealth [66-68,75], and control disclosure of information in PHRs [65] and health information exchanges [72].…”

Section: Introductionmentioning

confidence: 99%

A Blockchain Framework for Patient-Centered Health Records and Exchange (HealthChain): Evaluation and Proof-of-Concept Study

Hylock¹,

Zeng²

2019

J Med Internet Res

119

View full text Add to dashboard Cite

Background Blockchain has the potential to disrupt the current modes of patient data access, accumulation, contribution, exchange, and control. Using interoperability standards, smart contracts, and cryptographic identities, patients can securely exchange data with providers and regulate access. The resulting comprehensive, longitudinal medical records can significantly improve the cost and quality of patient care for individuals and populations alike. Objective This work presents HealthChain, a novel patient-centered blockchain framework. The intent is to bolster patient engagement, data curation, and regulated dissemination of accumulated information in a secure, interoperable environment. A mixed-block blockchain is proposed to support immutable logging and redactable patient blocks. Patient data are generated and exchanged through Health Level-7 Fast Healthcare Interoperability Resources, allowing seamless transfer with compliant systems. In addition, patients receive cryptographic identities in the form of public and private key pairs. Public keys are stored in the blockchain and are suitable for securing and verifying transactions. Furthermore, the envisaged system uses proxy re-encryption (PRE) to share information through revocable, smart contracts, ensuring the preservation of privacy and confidentiality. Finally, several PRE improvements are offered to enhance performance and security. Methods The framework was formulated to address key barriers to blockchain adoption in health care, namely, information security, interoperability, data integrity, identity validation, and scalability. It supports 16 configurations through the manipulation of 4 modes. An open-source, proof-of-concept tool was developed to evaluate the performance of the novel patient block components and system configurations. To demonstrate the utility of the proposed framework and evaluate resource consumption, extensive testing was performed on each of the 16 configurations over a variety of scenarios involving a variable number of existing and imported records. Results The results indicate several clear high-performing, low-bandwidth configurations, although they are not the strongest cryptographically. Of the strongest models, one’s anticipated cumulative record size is shown to influence the selection. Although the most efficient algorithm is ultimately user specific, Advanced Encryption Standard–encrypted data with static keys, incremental server storage, and no additional server-side encryption are the fastest and least bandwidth intensive, whereas proxy re-encrypted data with dynamic keys, incremental server storage, and additional server-side encryption are the best performing of the strongest configurations. Conclusions Blockchain is a potent and viable technology for patient-centered access to and exchange of health information. By integrating a structured, interoperable design with patient-accumulated and generated data shared through smart contracts into a universally accessible blockchain, HealthChain presents patients and providers with access to consistent and comprehensive medical records. Challenges addressed include data security, interoperability, block storage, and patient-administered data access, with several configurations emerging for further consideration regarding speed and security.

show abstract

“…The authorized users can decrypt the message. PRE makes itself useful in various fields such as encrypted email forwarding, cloud storage, digital rights management, distributed file systems, and public transportation privacy . Proxy re‐encryption is classified as unidirectional in which the proxy can metamorphose ciphertext from user A to user B and biredictional, which works in both directions.…”

Section: Introductionmentioning

confidence: 99%

Secure sharing of mobile personal healthcare records using certificateless proxy re‐encryption in cloud

Bhatia

Verma

Sharma

2018

Trans Emerging Tel Tech

View full text Add to dashboard Cite

The ubiquitous and timely access to personal health records help physicians to take critical decisions and save lives. Cloud computing has a potential to provide ubiquitous and on‐demand instant access to common pool of shared resources and services to various stakeholders involved in electronic healthcare industry such as patients, healthcare professionals, insurance companies, etc. The speedy evolution and adoption of cloud computing in electronic healthcare systems have inevitably raised concerns enveloping outsourced data in a myriad of safety issues. In this paper, cryptanalysis of Qin's scheme is performed breaching confidentiality of their scheme. We further proposed a lightweight and pairing free single‐hop unidirectional certificateless proxy re‐encryption scheme based on elliptic curves for secure sharing of mobile personal health records with public cloud competent for low‐power mobile devices. In certificateless proxy re‐encryption, patients encrypt the data with their public keys before outsourcing to the cloud and cloud resident semitrusted proxy further re‐encrypts into ciphertext under intended recipient's public key without learning anything about encrypted message. We prove its security through formal analysis against chosen ciphertext attack in the random oracle model. Our proposed scheme is more efficient and suitable for low‐power mobile devices in comparison with existing schemes.

show abstract

Proxy Re-Encryption: Analysis of constructions and its application to secure access delegation

Cited by 59 publications

References 72 publications

A systematic review on the status and progress of homomorphic encryption technologies

A systematic review on the status and progress of homomorphic encryption technologies

A Blockchain Framework for Patient-Centered Health Records and Exchange (HealthChain): Evaluation and Proof-of-Concept Study

Secure sharing of mobile personal healthcare records using certificateless proxy re‐encryption in cloud

Contact Info

Product

Resources

About