Research On Several Issues Of Proxy Re-encryption

Proxy re-encryption(PRE)was first introduced by Blaze,Bleumer and Strauss in Eurocrypt 1998.Later in ACM CCS 2005 and NDSS 2005,Ateniese,Fu,Green and Hohenberger formalized the definition of proxy re-encryption.In a proxy re-encryption schenem,a proxy can convert the delegator's ciphertext into the delegatee's ciphertext.However the proxy can not learn anything about the underlying plaintext.Proxy was widely used in many practical applications,such as secure distributed file system outsourced filtering of encrypted spam and encrypted email forwarding system.PRE provides a mechanism that enables a proxy to convert the delegator's ciphertext into the delegatee's ciphertext without decryping the ciphertext first.Moreover the delegate can decrypt the reencrypted ciphertext with his own private key.In nearly past ten years,PRE has made many achievements in both theory and practice.However,PRE is still in the infant stage as there are many open problems remains to be solved.In this dissertation,we study the open problems of RRE schemes,includingkey-policy attribute-based proxy re-encryption(KPAB-PRE),identity-based conditional proxy re-encryption(IB-CPRE),fuzzy conditional proxy re-encryption(PC-PRE),key-private indentity-based proxy re-encryption,soruce hiding identity-based proxy re-encryption.This dissertationsolved many open problems left by privous work.The contributions of this study are as follows:1.Non-interactive fuzzy conditional proxy re-encryptionIn this dissertation,we proposed a non-interactive fuzzy conditional proxy re-encryption(FCPRE),which enables the delegator to generate the conditional proxy re-encryption key without interaction with the delegatee.So the delegate can be off-line during the conditional peoxy reencrypiton key generation.The previous scheme proposed by Fang is an interactive scheme,which means the delegator need to interactive with the delegatee to generator the proxy re-encryption key.Furthermore,the previous scheme is only secure in the random oracle model.While our scheme is non interactive and proved CCA secure without random oracles.Our work solved the open problems left by the previous work.2.Key-policy attribute-based proxy re-encryption,identity-based conditional proxy re-encryption with fine-grain policyIn this dissertation,we proposeda KPAB-PRE schenme against chosen-ciphertext attack(CCA)securewithout random oracles.We first formalize the definition of KPAB-PRE and its security model.And then we prove its CCA security under the proposed model.Next,based on the above KPAB-PRE scheme,we formalize the notion of IB-CPRE scheme with fine-grain policy and present a CCA secure IB-CPRE with fine-grain policy scheme.As the previous IB-CPRE can not support Boolean operations on conditions,we present an IB-CPRE scheme based on an access tree.Furthermore,our scheme is non-interative as the proxy re-encryption key is generated by the delegator using the delegatee's identity.So,the delegate can be off-line.Our scheme solver the open pooblem of how to construct a non-interactive IB-CPRE left by the previouswork.3.Key-private identity-based proxy re-encryption in the standard modelIn the traditional PRE schemes,the security model only considers the security of the original ciphertext and the re-encrypted ciphertext.However in some applications,the sender and recipient's identity should also be not revealed.In this dissertation,we proposeda key-private IB-PRE scheme,in which,the adversary cannot reveal the sender and recipient's identity from the re-encryption key,the original ciphertext and the re-encrypted ciphertex.4.Collusion resistant source hiding idneitity-based proxy re-encryption in the standard modelIn some applications,such as mailing-list system,the relation ship between the source ciphertext and the destination ciphertext should not be revealed.This means,an adversary cannot decide whether a source ciphertext is the source of a destination ciphertext.The former source hiding IB-PRE scheme proposed by Emura,Miyaji and Omote is not collusion resistant,which menas,the proxy colluding with a set of delegates can reveal not only the plaintext but also the delegator's private key.In this dissertation,we proposed the first collusion resistant source hiding IB-PRE scheme.Furthermore,our scheme is proved secure without random oracles.