Time-based attribute-based proxy re-encryption with decryption key update

IF 16.4 1区化学 Q1 CHEMISTRY, MULTIDISCIPLINARY

Accounts of Chemical Research Pub Date : 2024-08-31 DOI:10.1007/s10623-024-01467-x

Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li

{"title":"Time-based attribute-based proxy re-encryption with decryption key update","authors":"Feixiang Zhao, Jian Weng, Wenli Xie, Lin Hou, Ming Li","doi":"10.1007/s10623-024-01467-x","DOIUrl":null,"url":null,"abstract":"<p>Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.</p>","PeriodicalId":1,"journal":{"name":"Accounts of Chemical Research","volume":null,"pages":null},"PeriodicalIF":16.4000,"publicationDate":"2024-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Accounts of Chemical Research","FirstCategoryId":"100","ListUrlMain":"https://doi.org/10.1007/s10623-024-01467-x","RegionNum":1,"RegionCategory":"化学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"CHEMISTRY, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

Abstract

Proxy re-encryption (PRE) is a cryptosystem that realizes efficient encrypted data sharing by allowing a third party proxy to transform a ciphertext intended for a delegator (i.e., Alice) to a ciphertext intended for a delegatee (i.e., Bob). Attribute-based proxy re-encrypftion (AB-PRE) generalizes PRE to the attribute-based scenarios, enabling fine-grained access control on ciphertexts. However, the existing AB-PRE schemes do not adequately address the following problems: (1) the risk of decryption key leakage, and (2) the need of time-based delegation. To resolve these problems, we introduce a primitive called time-based attribute-based proxy re-encryption (TB-AB-PRE) with decryption key update. TB-AB-PRE associates keys with the current time information and supports efficient periodical decryption key update for each time transition. This property guarantees that a compromise of a decryption key for some time does not breach the security of ciphertexts from the others. Leveraging this time-based property, the proposed TB-AB-PRE elegantly achieves time-based delegation which enables Alice to decide which ciphertexts can be transformed and their decryptable timeframe after being transformed. The proposed construction is proven to be secure against honest re-encryption attacks with decryption key exposure resistance, under the learning with errors assumption.

查看原文本刊更多论文

基于时间属性的代理重新加密与解密密钥更新

代理重加密（PRE）是一种加密系统，通过允许第三方代理将针对委托人（即 Alice）的密文转换为针对被委托人（即 Bob）的密文，从而实现高效的加密数据共享。基于属性的代理重加密（AB-PRE）将 PRE 推广到基于属性的方案中，实现了对密文的细粒度访问控制。然而，现有的 AB-PRE 方案没有充分解决以下问题：（1）解密密钥泄漏的风险；（2）基于时间的授权需求。为了解决这些问题，我们引入了一种带有解密密钥更新的基于时间属性的代理重加密（TB-AB-PRE）。TB-AB-PRE 将密钥与当前的时间信息关联起来，并支持每次时间转换的高效周期性解密密钥更新。这一特性保证了某个时间段的解密密钥泄露不会破坏其他时间段密文的安全性。利用这一基于时间的特性，所提出的 TB-AB-PRE 优雅地实现了基于时间的授权，使 Alice 能够决定哪些密文可以转换以及转换后的可解密时限。事实证明，在错误学习假设下，所提出的结构可以安全地抵御诚实的重加密攻击，并具有抗解密密钥暴露的能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Accounts of Chemical Research 化学-化学综合

CiteScore

31.40

自引率

1.10%

发文量

312

审稿时长

2 months

期刊介绍： Accounts of Chemical Research presents short, concise and critical articles offering easy-to-read overviews of basic research and applications in all areas of chemistry and biochemistry. These short reviews focus on research from the author’s own laboratory and are designed to teach the reader about a research project. In addition, Accounts of Chemical Research publishes commentaries that give an informed opinion on a current research problem. Special Issues online are devoted to a single topic of unusual activity and significance. Accounts of Chemical Research replaces the traditional article abstract with an article "Conspectus." These entries synopsize the research affording the reader a closer look at the content and significance of an article. Through this provision of a more detailed description of the article contents, the Conspectus enhances the article's discoverability by search engines and the exposure for the research.