Time-based attribute-based proxy re-encryption with decryption key update

IF 1.4 2区数学 Q3 COMPUTER SCIENCE, THEORY & METHODS

Designs, Codes and Cryptography Pub Date : 2024-08-31 DOI:10.1007/s10623-024-01467-x

Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li

{"title":"Time-based attribute-based proxy re-encryption with decryption key update","authors":"Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li","doi":"10.1007/s10623-024-01467-x","DOIUrl":null,"url":null,"abstract":"<p>Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"8 1","pages":""},"PeriodicalIF":1.4000,"publicationDate":"2024-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Designs, Codes and Cryptography","FirstCategoryId":"100","ListUrlMain":"https://doi.org/10.1007/s10623-024-01467-x","RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.

查看原文本刊更多论文

基于时间属性的代理重新加密与解密密钥更新

代理重加密（PRE）是一种加密系统，通过允许第三方代理将针对委托人（即 Alice）的密文转换为针对被委托人（即 Bob）的密文，从而实现高效的加密数据共享。基于属性的代理重加密（AB-PRE）将 PRE 推广到基于属性的方案中，实现了对密文的细粒度访问控制。然而，现有的 AB-PRE 方案没有充分解决以下问题：（1）解密密钥泄漏的风险；（2）基于时间的授权需求。为了解决这些问题，我们引入了一种带有解密密钥更新的基于时间属性的代理重加密（TB-AB-PRE）。TB-AB-PRE 将密钥与当前的时间信息关联起来，并支持每次时间转换的高效周期性解密密钥更新。这一特性保证了某个时间段的解密密钥泄露不会破坏其他时间段密文的安全性。利用这一基于时间的特性，所提出的 TB-AB-PRE 优雅地实现了基于时间的授权，使 Alice 能够决定哪些密文可以转换以及转换后的可解密时限。事实证明，在错误学习假设下，所提出的结构可以安全地抵御诚实的重加密攻击，并具有抗解密密钥暴露的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Designs, Codes and Cryptography 工程技术-计算机：理论方法

CiteScore

2.80

自引率

12.50%

发文量

157

审稿时长

16.5 months

期刊介绍： Designs, Codes and Cryptography is an archival peer-reviewed technical journal publishing original research papers in the designated areas. There is a great deal of activity in design theory, coding theory and cryptography, including a substantial amount of research which brings together more than one of the subjects. While many journals exist for each of the individual areas, few encourage the interaction of the disciplines. The journal was founded to meet the needs of mathematicians, engineers and computer scientists working in these areas, whose interests extend beyond the bounds of any one of the individual disciplines. The journal provides a forum for high quality research in its three areas, with papers touching more than one of the areas especially welcome. The journal also considers high quality submissions in the closely related areas of finite fields and finite geometries, which provide important tools for both the construction and the actual application of designs, codes and cryptographic systems. In particular, it includes (mostly theoretical) papers on computational aspects of finite fields. It also considers topics in sequence design, which frequently admit equivalent formulations in the journal’s main areas. Designs, Codes and Cryptography is mathematically oriented, emphasizing the algebraic and geometric aspects of the areas it covers. The journal considers high quality papers of both a theoretical and a practical nature, provided they contain a substantial amount of mathematics.