Paper 2010/192

Non-Transferable Proxy Re-Encryption Scheme for Data Dissemination Control

Yi-Jun He, Tat Wing Chim, Lucas Chi Kwong Hui, and Siu-Ming Yiu

Abstract

A proxy re-encryption (PRE) scheme allows a proxy to re-encrypt a ciphertext for Alice (delegator) to a ciphertext for Bob (delegatee) without seeing the underlying plaintext. With the help of the proxy, Alice can delegate the decryption right to any delegatee. However, existing PRE schemes generally suffer from at least one of the followings. Some schemes fail to provide the non-transferable property in which the proxy and the delegatee can collude to further delegate the decryption right to anyone. This is the main open problem left for PRE schemes. Other schemes assume the existence of a fully trusted private key generator (PKG) to generate the re-encryption key to be used by the proxy for re-encrypting a given ciphertext for a target delegatee. But this poses two problems in PRE schemes if the PKG is malicious: the PKG in their schemes may decrypt both original ciphertexts and re-encrypted ciphertexts (referred as the key escrow problem); and the PKG can generate re-encryption key for arbitrary delegatees without permission from the delegator (we refer to it as the PKG despotism problem). In this paper, we propose the first non-transferable proxy re-encryption scheme which successfully achieves the non-transferable property. We also reduce the full trust in PKG, only a limited amount of trust is placed in the proxy and PKG. We show that the new scheme solved the PKG despotism problem and key escrow problem as well. Further, we find that the new scheme satisfies requirements of data dissemination control which is also a challenging goal for data security. We explore the potential of adopting our new scheme to achieve data dissemination control and implement a non-transferable re-encryption based encrypted PC/USB file system. Performance measurements of our scheme demonstrate that non-transferable re-encryption is practical and efficient.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
proxy re-encryptioncertificateless public key encryptionnon-transferable propertydata dissemination
Contact author(s)
yjhe @ cs hku hk
History
2011-03-31: last of 6 revisions
2010-04-09: received
See all versions
Short URL
https://ia.cr/2010/192
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/192,
      author = {Yi-Jun He and Tat Wing Chim and Lucas Chi Kwong Hui and Siu-Ming Yiu},
      title = {Non-Transferable Proxy Re-Encryption Scheme for Data Dissemination Control},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/192},
      year = {2010},
      url = {https://eprint.iacr.org/2010/192}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.