Conditional Attribute-Based Proxy Re-Encryption

Proxy re-encryption (PRE) is a cryptographic primitive that allows a semi-trusted proxy to transfer the decryption rights of ciphertexts in a secure and privacy-preserving manner. This versatile primitive has been extended to several powerful variants, leading to numerous applications, such as e-mail forwarding and content distribution. One such variant is attribute-based PRE (AB-PRE), which provides an expressible access control mechanism by allowing the proxy to switch the underlying policy of an attribute-based encryption (ABE) ciphertext. However, the function of AB-PRE is to convert the underlying policies of all ciphertexts indiscriminately, which lacks the flexibility of ciphertext transformation. Therefore, AB-PRE needs to support the property of conditional delegation. Among the other variants of PRE, there is a variant called conditional PRE (C-PRE), which allows fine-grained delegations by restricting the proxy to performing valid re-encryption only for a limited set of ciphertexts. Unfortunately, existing PRE schemes cannot simultaneously achieve expressible access control mechanisms and fine-grained delegations. Specifically, we require a PRE scheme, via which the proxy can convert the underlying policies of an ABE ciphertext only if this ciphertext is in the set of ciphertexts allowing the proxy to perform valid transformations. To address this problem, we formalize the notion of conditional attribute-based PRE (CAB-PRE) in the honest re-encryption attacks (HRA) model, which is more robust and implies chosen-plaintext attacks (CPA) security, and propose the first CAB-PRE scheme. To construct such a scheme, we design as a building block, the first adaptively HRA-secure (ciphertext-policy) AB-PRE based on the learning with errors (LWE) problem. This scheme solves the open problem left by Susilo et al. in ESORICS\u2721 about how to construct an HRA-secure (ciphertext-policy) AB-PRE scheme, and it should be of independent interest. Then, we introduce a well-matched conditional delegation mechanism for this AB-PRE scheme to derive our adaptively HRA-secure CAB-PRE scheme

Searchable atribute-based mechanism with efficiient data sharing for secure cloud storage

To date, the growth of electronic personal data leads to a trend that data owners prefer to remotely outsource their data to clouds for the enjoyment of the high-quality retrieval and storage service without worrying the burden of local data management and maintenance. However, secure share and search for the outsourced data is a formidable task, which may easily incur the leakage of sensitive personal information. Efficient data sharing and searching with security is of critical importance. This paper, for the first time, proposes a searchable attribute-based proxy re-encryption system. When compared to existing systems only supporting either searchable attribute-based functionality or attribute-based proxy re-encryption, our new primitive supports both abilities and provides flexible keyword update service. Specifically, the system enables a data owner to efficiently share his data to a specified group of users matching a sharing policy and meanwhile, the data will maintain its searchable property but also the corresponding search keyword(s) can be updated after the data sharing. The new mechanism is applicable to many real-world applications, such as electronic health record systems. It is also proved chosen ciphertext secure in the random oracle model

Shared and Searchable Encrypted Data for Untrusted Servers

Current security mechanisms pose a risk for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data but all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide two constructions of the scheme giving formal proofs of their security. We also report on the results of a prototype implementation. This research was supported by the UK’s EPSRC research grant EP/C537181/1. The authors would like to thank the members of the Policy Research Group at Imperial College for their support

Longitude : a privacy-preserving location sharing protocol for mobile applications

Location sharing services are becoming increasingly popular. Although many location sharing services allow users to set up privacy policies to control who can access their location, the use made by service providers remains a source of concern. Ideally, location sharing providers and middleware should not be able to access users’ location data without their consent. In this paper, we propose a new location sharing protocol called Longitude that eases privacy concerns by making it possible to share a user’s location data blindly and allowing the user to control who can access her location, when and to what degree of precision. The underlying cryptographic algorithms are designed for GPS-enabled mobile phones. We describe and evaluate our implementation for the Nexus One Android mobile phone