Certificate-Based Proxy Re-encryption for Public Cloud Storage

Abstract

Recently cloud computing paradigm has increasingly become a new model in which a shared pool of configurable computing resources is provided as services over the Internet. Specially, this paradigm encourages an efficient model for data sharing among cloud users since data owners are able to outsource their data to public cloud storage which can provide access to the data as a service. Considering the useful data sharing model in the cloud, however, it brings new security challenges that make users apprehensive about data confidentiality for their sensitive data on public cloud storage. In this paper, we introduce the notion of certificate-based proxy re-encryption as a new cryptographic primitive to effectively support the data confidentiality on the outsourced data in public cloud storage. In particular, we give a formal security model for secure certificate-based proxy re-encryption schemes and present a concrete scheme based on bilinear pairing, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. Finally, we show that our scheme has chosen cipher text security in the random oracle model.