Proxy Re-encryption from Lattices

Kirshanova, Elena

doi:10.1007/978-3-642-54631-0_5

Cited by 60 publications

(45 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At last, the Dodis/Ivan framework has noteworthy security suggestions: plot between the proxy and delegate brings about a framework wide trade off, permitting the colluders to remake the IBE ace mystery. As of late, Boneh, Goh and Matsuo [8] introduced a half breed type of proxy re-encryption in light of IBE. In such plans, the PKG plays out all assignments; along these lines clients can't perform disconnected ("non-intuitive") assignments and every designation requires an expensive online demand to the PKG.…”

Section: Ijsrnetmentioning

confidence: 99%

A Survey on Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud

2017

IJSR

View full text Add to dashboard Cite

Section: Ijsrnetmentioning

confidence: 99%

A Survey on Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud

2017

IJSR

View full text Add to dashboard Cite

“…The separations we present further support the importance of the re-encryption oracle, since we show that when it leaks re-encryption keys, the scheme cannot achieve a proper security notion for PRE. • In light of this formalization, we show how a recent "CCA1-secure" proxy re-encryption scheme from PKC 2014 [9] does not actually achieve a meaningful chosenciphertext security notion for PRE, since it breaks when one considers an oracle for re-encryption. The methodology described for this attack, based on the leakage of reencryption keys, can be used for analyzing other schemes, and supports the principle that PRE schemes should not leak re-encryption keys.…”

Section: Contributionsmentioning

confidence: 99%

“…Figure 1 shows the relations among plaintext and ciphertext spaces for different kinds of PRE schemes, where (1a) represents PRE schemes with a single ciphertext space, while (1b) shows the case of two ciphertext spaces. Examples of PRE schemes with a single ciphertext space are [6], [7], [9], [13], while [3], [18], [11] are schemes with two ciphertext spaces. The former are usually associated with multi-hop PRE schemes, although there are some recent single-hop schemes based on lattices that also present this characteristic [9], [13].…”

Section: A Syntax Of Pre Schemesmentioning

confidence: 99%

“…Thus, PRE schemes in the literature aim to achieve IND-CPA [3], IND-CCA1 [9] and IND-CCA2 [7] security. However, the desired security notions are often defined in an ad-hoc manner for each scheme, with subtle variations and restrictions, caused by the lack of established definitions of the security notions of PRE, and ultimately, of the attack models, which in the case of PRE are potentially richer than in PKE because of the possibility of re-encryption.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Parametric Family of Attack Models for Proxy Re-encryption

Núñez

Agudo

López

2015

2015 IEEE 28th Computer Security Foundations Symposium

View full text Add to dashboard Cite

Proxy Re-Encryption (PRE) is a type of Public-Key Encryption (PKE) that provides an additional re-encryption functionality. Although PRE is inherently more complex than PKE, attack models for PRE have not been developed further than those inherited from PKE. In this paper we address this gap and define a parametric family of attack models for PRE, based on the availability of both the decryption and reencryption oracles during the security game. This family enables the definition of a set of intermediate security notions for PRE that ranges from "plain" IND-CPA to "full" IND-CCA. We analyze some relations among these notions of security, and in particular, the separations that arise when the re-encryption oracle leaks re-encryption keys. In addition, we discuss which of these security notions represent meaningful adversarial models for PRE. Finally, we provide an example of a recent "CCA1secure" scheme from PKC 2014 whose security model does not capture chosen-ciphertext attacks through re-encryption and for which we describe an attack under a more realistic security notion. This attack emphasizes the fact that PRE schemes that leak re-encryption keys cannot achieve strong security notions.

show abstract

“…Guo et al exhibited a non-intuitive CPA (picked plaintext assault)-secure intermediary reencryption plot, which is impervious to conspiracy assaults in producing re-encryption keys [7]. Numerous other solid intermediary re-encryption plans and their applications are additionally proposed [8]- [10].…”

Section: Related Workmentioning

confidence: 99%

Unique Data Integrity in Public Cloud

Veeramma¹,

Gaol²,

Chi³

2013

IJRIA

View full text Add to dashboard Cite

An ever increasing number of clients might want to store their information to public cloud servers (PCSs) information transferring and remote information honesty checking model in identity-based public key cryptography: identity-based proxy-oriented data uploading and remote data integrity checking in public cloud (ID-PUIC). We give the formal definition, framework model, and security display. At that point, a solid ID-PUIC convention is composed utilizing the bilinear pairings. The proposed ID-PUIC convention is provably

show abstract

Proxy Re-encryption from Lattices

Cited by 60 publications

References 18 publications

A Survey on Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud

A Survey on Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud

A Parametric Family of Attack Models for Proxy Re-encryption

Unique Data Integrity in Public Cloud

Contact Info

Product

Resources

About