Cryptology ePrint Archive: Report 2005/028

Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage

Giuseppe Ateniese and Kevin Fu and Matthew Green and Susan Hohenberger

Abstract: In 1998, Blaze, Bleumer, and Strauss (BBS) proposed an application called atomic proxy re-encryption, in which a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. We predict that fast and secure re-encryption will become increasingly popular as a method for managing encrypted file systems. Although efficiently computable, the wide-spread adoption of BBS re-encryption has been hindered by considerable security risks. Following recent work of Ivan and Dodis, we present new re-encryption schemes that realize a stronger notion of security and we demonstrate the usefulness of proxy re-encryption as a method of adding access control to the SFS read-only file system. Performance measurements of our experimental file system demonstrate that proxy re-encryption can work effectively in practice.

Category / Keywords:

Publication Info: Originally published in proceedings of NDSS 2005, journal version to appear in ACM TISSEC.

Date: received 3 Feb 2005, last revised 11 Jan 2006

Contact author: ateniese at cs jhu edu

Available formats: PDF | BibTeX Citation

Version: 20060111:153421 (All versions of this report)

Discussion forum: Show discussion | Start new discussion