Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribu...Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.展开更多
In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called mult...In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called multi-conditional proxy broadcast re-encryption(MC-PBRE).The scheme consists of the following roles:the source node,proxy server,and the target node.If the condition is met,the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt.It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group,while the proxy server does not need to store the key or reveal the plaintext.At the same time,the proxy server cannot obtain any valuable information in the ciphertext.This paper formalizes the concept of MC-PBRE and its security model,and proposes a MC-PBRE scheme of ciphertext security.Finally,the scheme security has been proved in the random oracle.展开更多
Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerou...Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerous broadcast proxy re-encryption(BPRE)schemes have been designed to address the data security issues of such applications.However,there are no any BPRE schemes that have been designed to address the issue of updating the re-encryption key in a dynamic cloud environment.Therefore,the authors propose a lightweight dynamic broadcast proxy re-encryption scheme(LD-BPRE)to address this issue in dynamic settings where the data owner can dynamically change the set of data users and does not need to update the re-encryption key for the new set of data users.In other words,the proxy can reset a re-encryption ciphertext for the new set of data users using the original re-encryption key.This is significant in a dynamic cloud setting and provides convenience for cloud users.The proposed LD-BPRE is lightweight for users with low-power devices as most of the computing overhead is offloaded to the cloud.The authors formally define the LD-BPRE scheme and prove its security under a decision n-BDHE assumption in the standard model.Finally,extensive comparisons and experiments indicate that LD-BPRE is efficient and practical.展开更多
The sharing of pathological data is highly important in various applications,such as remote diagnosis,graded diagnosis,illness treatment,and specialist system development.However,ensuring reliable,secure,privacy-prese...The sharing of pathological data is highly important in various applications,such as remote diagnosis,graded diagnosis,illness treatment,and specialist system development.However,ensuring reliable,secure,privacy-preserving,and efficient sharing of pathological data poses significant challenges.This paper presents a novel solution that leverages blockchain technology to ensure reliability in pathological data sharing.Additionally,it employs conditional proxy re-encryption(C-PRE)and public key encryption with equality test technology to control the scope and preserve the privacy of shared data.To assess the practicality of our solution,we implemented a prototype system using Hyperledger Fabric and conducted evaluations with various metrics.We also compared the solution with relevant schemes.The results demonstrate that the proposed solution effectively meets the requirements for pathological data sharing and is practical in production scenarios.展开更多
基金Programs for Science and Technology Development of Henan Province,grant number 242102210152The Fundamental Research Funds for the Universities of Henan Province,grant number NSFRF240620+1 种基金Key Scientific Research Project of Henan Higher Education Institutions,grant number 24A520015Henan Key Laboratory of Network Cryptography Technology,grant number LNCT2022-A11.
文摘Conditional proxy re-encryption(CPRE)is an effective cryptographic primitive language that enhances the access control mechanism and makes the delegation of decryption permissions more granular,but most of the attribute-based conditional proxy re-encryption(AB-CPRE)schemes proposed so far do not take into account the importance of user attributes.A weighted attribute-based conditional proxy re-encryption(WAB-CPRE)scheme is thus designed to provide more precise decryption rights delegation.By introducing the concept of weight attributes,the quantity of system attributes managed by the server is reduced greatly.At the same time,a weighted tree structure is constructed to simplify the expression of access structure effectively.With conditional proxy re-encryption,large amounts of data and complex computations are outsourced to cloud servers,so the data owner(DO)can revoke the user’s decryption rights directly with minimal costs.The scheme proposed achieves security against chosen plaintext attacks(CPA).Experimental simulation results demonstrated that the decryption time is within 6–9 ms,and it has a significant reduction in communication and computation cost on the user side with better functionality compared to other related schemes,which enables users to access cloud data on devices with limited resources.
基金supported,in part,by the National Nature Science Foundation of China under grant numbers 61502240,61502096,61304205,61773219in part,by the Natural Science Foundation of Jiangsu Province under Grant Numbers BK20191401。
文摘In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called multi-conditional proxy broadcast re-encryption(MC-PBRE).The scheme consists of the following roles:the source node,proxy server,and the target node.If the condition is met,the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt.It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group,while the proxy server does not need to store the key or reveal the plaintext.At the same time,the proxy server cannot obtain any valuable information in the ciphertext.This paper formalizes the concept of MC-PBRE and its security model,and proposes a MC-PBRE scheme of ciphertext security.Finally,the scheme security has been proved in the random oracle.
基金supported by the National Key Research and Development Program of China under Grant No.2020YFA0712300in part by the National Natural Science Foundation of China under Grant Nos.62132005,61632012,62172162,and U1705264。
文摘Cloud computing has become prevalent in the sharing of outsourced data due to its strong computing power and storage capacity.Ensuring data security is vitally important when sharing data in the cloud.Recently,numerous broadcast proxy re-encryption(BPRE)schemes have been designed to address the data security issues of such applications.However,there are no any BPRE schemes that have been designed to address the issue of updating the re-encryption key in a dynamic cloud environment.Therefore,the authors propose a lightweight dynamic broadcast proxy re-encryption scheme(LD-BPRE)to address this issue in dynamic settings where the data owner can dynamically change the set of data users and does not need to update the re-encryption key for the new set of data users.In other words,the proxy can reset a re-encryption ciphertext for the new set of data users using the original re-encryption key.This is significant in a dynamic cloud setting and provides convenience for cloud users.The proposed LD-BPRE is lightweight for users with low-power devices as most of the computing overhead is offloaded to the cloud.The authors formally define the LD-BPRE scheme and prove its security under a decision n-BDHE assumption in the standard model.Finally,extensive comparisons and experiments indicate that LD-BPRE is efficient and practical.
基金supported by National Natural Science Foundation of China under Grant 61972438Wuhu Science and Tech-nology Plan Project under Grant 2022yf50Key Research and Develop-ment Projects in Anhui Province under Grant 202004a05020002 and 2022a05020049.
文摘The sharing of pathological data is highly important in various applications,such as remote diagnosis,graded diagnosis,illness treatment,and specialist system development.However,ensuring reliable,secure,privacy-preserving,and efficient sharing of pathological data poses significant challenges.This paper presents a novel solution that leverages blockchain technology to ensure reliability in pathological data sharing.Additionally,it employs conditional proxy re-encryption(C-PRE)and public key encryption with equality test technology to control the scope and preserve the privacy of shared data.To assess the practicality of our solution,we implemented a prototype system using Hyperledger Fabric and conducted evaluations with various metrics.We also compared the solution with relevant schemes.The results demonstrate that the proposed solution effectively meets the requirements for pathological data sharing and is practical in production scenarios.
