As an service mode in the modern society,cloud computing is gradually spread and popularized.In cloud computing environment,there is a demand for cipher-text's transformation.And the proxy re-encryption(PRE)technology can convert the encrypted data files efficiently and safely,which meets the demand for encrypt-ed data sharing in the cloud.In this background,the existing certificate-based conditional proxy re-encryption(CB-CPRE)schemes support the data confiden-tiality effectively in the cloud environment.They have solved the heavy certificate management problem and the key escrow problem.Meanwhile,only the cipher-texts which meet the conditions can be re-encrypted correctly.In the actual network environment,more users need to exchange data.To meet the requirement of more fine-grained data sharing,we propose a certificate-based conditional proxy re-encryption scheme with the property of re-encryption control based on the existing certificate-based conditional proxy re-encryption schemes.Under the hardness assumption of the BDH problem,the scheme is proved indistinguishable against adaptively chosen-ciphertext attack in the ran-dom oracle model.The scheme allows the encryptor to decide whether the cipher-text can be re-encrypted and we can share the encrypted data more fine-grained.At the same time,we extend the scheme and further propose a certificate-based conditional proxy re-encryption scheme which refines the property of re-encryption control.Besides,the existing certificate-based conditional proxy re-encryption schemes only consider the delegator and the delegatee in the same domain(intra-domain).Thus,we propose the definition and security model of certificated-based multi-domain conditional proxy re-encryption(CB-MD-CPRE)based on the concept of multi-domain.Then users in the inter-domain can access each other's data,which effectively solves the above problem.Integrating with the elliptic curve group,a pairing-free certificated-based multi-domain conditional proxy re-encryption scheme is further proposed and the proposed scheme is proved indistinguishable against adaptively chosen-ciphertext attack in the random oracle model.Finally,com-pared to other related schemes,the proposed scheme has obvious advantages in performance and computational complexity.The delegator can flexibly authorize the decryption rights based on a condition.Besides,it allows users from the same domain or different domains to share data.Therefore,the proposed scheme is more suitable for cloud computing applications. |