期刊文献+
共找到29篇文章
< 1 2 >
每页显示 20 50 100
A Blockchain-Based Proxy Re-Encryption Scheme with Conditional Privacy Protection and Auditability
1
作者 Chen Guo PengWeijun +3 位作者 Wu Jing Fang Youxuan Ye Keke Xin Yanshuang 《China Communications》 SCIE CSCD 2024年第7期267-277,共11页
With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosur... With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost. 展开更多
关键词 attribute encryption blockchain homomorphic encryption house leasing proxy re-encryption zero-knowledge proof
下载PDF
Quantum-Resistant Multi-Feature Attribute-Based Proxy Re-Encryption Scheme for Cloud Services
2
作者 Jinqiu Hou Changgen Peng +1 位作者 Weijie Tan Hongfa Ding 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第1期917-938,共22页
Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been ... Cloud-based services have powerful storage functions and can provide accurate computation.However,the question of how to guarantee cloud-based services access control and achieve data sharing security has always been a research highlight.Although the attribute-based proxy re-encryption(ABPRE)schemes based on number theory can solve this problem,it is still difficult to resist quantum attacks and have limited expression capabilities.To address these issues,we present a novel linear secret sharing schemes(LSSS)matrix-based ABPRE scheme with the fine-grained policy on the lattice in the research.Additionally,to detect the activities of illegal proxies,homomorphic signature(HS)technology is introduced to realize the verifiability of re-encryption.Moreover,the non-interactivity,unidirectionality,proxy transparency,multi-use,and anti-quantum attack characteristics of our system are all advantageous.Besides,it can efficiently prevent the loss of processing power brought on by repetitive authorisation and can enable precise and safe data sharing in the cloud.Furthermore,under the standard model,the proposed learning with errors(LWE)-based scheme was proven to be IND-sCPA secure. 展开更多
关键词 LATTICE learning with errors attribute-based proxy re-encryption linear secret sharing schemes
下载PDF
Key-Private Identity-Based Proxy Re-Encryption 被引量:1
3
作者 Chunpeng Ge Jinyue Xia Liming Fang 《Computers, Materials & Continua》 SCIE EI 2020年第5期633-647,共15页
An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-t... An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-trusted,it should place as little trust as necessary to allow it to perform the translations.In some applications such as distributed file system,it demands the adversary cannot identify the sender and recipient’s identities.However,none of the exiting IB-PRE schemes satisfy this requirement.In this work,we first define the security model of key-private IB-PRE.Finally,we propose the first key-private IB-PRE scheme.Our scheme is chosen plaintext secure(CPA)and collusion resistant in the standard model. 展开更多
关键词 Proxy re-encryption identity-based proxy re-encryption key-private collusion resistant
下载PDF
A Multi-Conditional Proxy Broadcast Re-Encryption Scheme for Sensor Networks
4
作者 Pang Li Lifeng Zhu +1 位作者 Brij B.Gupta Sunil Kumar Jha 《Computers, Materials & Continua》 SCIE EI 2020年第12期2079-2090,共12页
In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called mult... In sensor networks,it is a challenge to ensure the security of data exchange between packet switching nodes holding different private keys.In order to solve this problem,the present study proposes a scheme called multi-conditional proxy broadcast re-encryption(MC-PBRE).The scheme consists of the following roles:the source node,proxy server,and the target node.If the condition is met,the proxy can convert the encrypted data of the source node into data that the target node can directly decrypt.It allows the proxy server to convert the ciphertext of the source node to a new ciphertext of the target node in a different group,while the proxy server does not need to store the key or reveal the plaintext.At the same time,the proxy server cannot obtain any valuable information in the ciphertext.This paper formalizes the concept of MC-PBRE and its security model,and proposes a MC-PBRE scheme of ciphertext security.Finally,the scheme security has been proved in the random oracle. 展开更多
关键词 Proxy re-encryption sensor network security broadcast re-encryption
下载PDF
NC-MACPABE: Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems 被引量:9
5
作者 XU Xiao-long ZHANG Qi-tong ZHOU Jing-lan 《Journal of Central South University》 SCIE EI CAS CSCD 2017年第4期807-818,共12页
The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untru... The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time. 展开更多
关键词 cloud storage data PRIVACY PROXY re-encryption multi-authority
下载PDF
Attribute-Based Re-Encryption Scheme in the Standard Model 被引量:2
6
作者 GUO Shanqing ZENG Yingpei +1 位作者 WEI Juan XU Qiuliang 《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期621-625,共5页
In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext unde... In this paper, we propose a new attribute-based proxy re-encryption scheme, where a semi-trusted proxy, with some additional information, can transform a ciphertext under a set of attributes into a new ciphertext under another set of attributes on the same message, but not vice versa, furthermore, its security was proved in the standard model based on decisional bilinear Diffie-Hellman assumption. This scheme can be used to realize fine-grained selectively sharing of encrypted data, but the general proxy rencryption scheme severely can not do it, so the proposed schemecan be thought as an improvement of general traditional proxy re-encryption scheme. 展开更多
关键词 ATTRIBUTE-BASED re-encryption scheme standard model network storage
下载PDF
Multi-authority proxy re-encryption based on CPABE for cloud storage systems 被引量:7
7
作者 Xiaolong Xu Jinglan Zhou +1 位作者 Xinheng Wang Yun Zhang 《Journal of Systems Engineering and Electronics》 SCIE EI CSCD 2016年第1期211-223,共13页
The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in ... The dissociation between data management and data ownership makes it difficult to protect data security and privacy in cloud storage systems.Traditional encryption technologies are not suitable for data protection in cloud storage systems.A novel multi-authority proxy re-encryption mechanism based on ciphertext-policy attribute-based encryption(MPRE-CPABE) is proposed for cloud storage systems.MPRE-CPABE requires data owner to split each file into two blocks,one big block and one small block.The small block is used to encrypt the big one as the private key,and then the encrypted big block will be uploaded to the cloud storage system.Even if the uploaded big block of file is stolen,illegal users cannot get the complete information of the file easily.Ciphertext-policy attribute-based encryption(CPABE)is always criticized for its heavy overload and insecure issues when distributing keys or revoking user's access right.MPRE-CPABE applies CPABE to the multi-authority cloud storage system,and solves the above issues.The weighted access structure(WAS) is proposed to support a variety of fine-grained threshold access control policy in multi-authority environments,and reduce the computational cost of key distribution.Meanwhile,MPRE-CPABE uses proxy re-encryption to reduce the computational cost of access revocation.Experiments are implemented on platforms of Ubuntu and CloudSim.Experimental results show that MPRE-CPABE can greatly reduce the computational cost of the generation of key components and the revocation of user's access right.MPRE-CPABE is also proved secure under the security model of decisional bilinear Diffie-Hellman(DBDH). 展开更多
关键词 cloud storage data partition multi-authority security proxy re-encryption attribute-based encryption(ABE).
下载PDF
The Development of Proxy Re-Encryption 被引量:1
8
作者 Yepeng Liu Yongjun Ren +1 位作者 Qirun Wang Jinyue Xia 《Journal of Cyber Security》 2020年第1期1-8,共8页
With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data i... With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data in a cloud environment.Proxy re-encryption is a public key encryption system with ciphertext security conversion function.A semi-trusted agent plays the role of ciphertext conversion,which can convert the user ciphertext into the same plaintext encrypted by the principal’s public key.Proxy re-encryption has been a hotspot in the field of information security since it was proposed by Blaze et al.[Blaze,Bleumer and Strauss(1998)].After 20 years of development,proxy re-encryption has evolved into many forms been widely used.This paper elaborates on the definition,characteristics and development status of proxy re-encryption,and classifies proxy re-encryption from the perspectives of user identity,conversion condition,conversion hop count and conversion direction.The aspects of the existing program were compared and briefly reviewed from the aspects of features,performance,and security.Finally,this paper looks forward to the possible development direction of proxy re-encryption in the future. 展开更多
关键词 Proxy re-encryption bilinear pairing information security
下载PDF
A Data Transmission Approach Based on Ant Colony Optimization and Threshold Proxy Re-encryption in WSNs 被引量:2
9
作者 Jing Liu Zenghui Liu +1 位作者 Chenyu Sun Junxi Zhuang 《Journal of Artificial Intelligence and Technology》 2022年第1期23-31,共9页
Wireless sensor networks(WSNs)have become increasingly popular due to the rapid growth of the Internet of Things.As open wireless transmission media are easy to attack,security is one of the primary design concerns fo... Wireless sensor networks(WSNs)have become increasingly popular due to the rapid growth of the Internet of Things.As open wireless transmission media are easy to attack,security is one of the primary design concerns for WSNs.Current solutions consider routing and data encryption as two isolated issues,providing incomplete security.Therefore,in this paper,we divide the WSN communication process into a data path selection phase and a data encryption phase.We propose an improved transmission method based on ant colony optimization(ACO)and threshold proxy re-encryption for WSNs,and we named it as ACOTPRE.The method resists internal and external attacks and ensures safe and efficient data transmission.In the data path selection stage,the ACO algorithm is used for network routing.The improvement of the pheromone concentration is proposed.In order to resist attacks from external attackers,proxy re-encryption is extended to WSN in the data encryption stage.The threshold secret sharing algorithm is introduced to generate a set of re-encryption key fragments composed of random numbers at the source node.We confirm the performance of our model via simulation studies. 展开更多
关键词 wireless sensors network ant colony optimization PHEROMONE proxy re-encryption THRESHOLD
下载PDF
A Proxy Re-Encryption with Keyword Search Scheme in Cloud Computing
10
作者 Yongli Tang Huanhuan Lian +1 位作者 Zemao Zhao Xixi Yan 《Computers, Materials & Continua》 SCIE EI 2018年第8期339-352,共14页
With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,bus... With the widespread use of cloud computing technology,more and more users and enterprises decide to store their data in a cloud server by outsourcing.However,these huge amounts of data may contain personal privacy,business secrets and other sensitive information of the users and enterprises.Thus,at present,how to protect,retrieve,and legally use the sensitive information while preventing illegal accesses are security challenges of data storage in the cloud environment.A new proxy re-encryption with keyword search scheme is proposed in this paper in order to solve the problem of the low retrieval efficiency of the encrypted data in the cloud server.In this scheme,the user data are divided into files,file indexes and the keyword corresponding to the files,which are respectively encrypted to store.The improved scheme does not need to re-encrypt partial file cipher-text as in traditional schemes,but re-encrypt the cipher-text of keywords corresponding to the files.Therefore the scheme can improve the computational efficiency as well as resist chosen keyword attack.And the scheme is proven to be indistinguishable under Hash Diffie-Hellman assumption.Furthermore,the scheme does not need to use any secure channels,making it more effective in the cloud environment. 展开更多
关键词 Cloud computing keyword search proxy re-encryption provable security
下载PDF
Identity-based proxy re-encryption scheme from RLWE assumption with ciphertext evolution
11
作者 Meng Hui Ren Lina Zhao Zongqu 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2023年第5期51-60,共10页
Proxy re-encryption(PRE)allows users to transfer decryption rights to the data requester via proxy.Due to the current PRE schemes from lattice(LPRE)cannot fulfill chosen-ciphertext attack(CCA)security,an identity-base... Proxy re-encryption(PRE)allows users to transfer decryption rights to the data requester via proxy.Due to the current PRE schemes from lattice(LPRE)cannot fulfill chosen-ciphertext attack(CCA)security,an identity-based PRE(IB-PRE)scheme from learning with errors over ring(RLWE)assumption with ciphertext evolution(IB-LPRE-CE)was proposed.IB-LPRE-CE generates the private key using the preimage sampling algorithm(SamplePre)and completes the ciphertext delegation using the re-encryption algorithm.In addition,for the problem of ciphertext delegation change caused by the long-term secret key update,the idea of PRE is used to complete ciphertext evolution and the modification of ciphertext delegation,which improves the efficiency of secure data sharing.In terms of security,IB-LPRE-CE is CCA security based on RLWE assumption.Compared with the current LPRE schemes,IB-LPRE-CE offers greater security and improves the computational efficiency of the encryption algorithm. 展开更多
关键词 proxy re-encryption(PRE) learning with errors over ring(RLWE) chosen-ciphertext attack(CCA) ciphertext delegation ciphertext evolution
原文传递
Identity-based threshold proxy re-encryption scheme from lattices and its applications 被引量:3
12
作者 Liqiang WU Yiliang HAN +1 位作者 Xiaoyuan YANG Minqing ZHANG 《Frontiers of Information Technology & Electronic Engineering》 SCIE EI CSCD 2022年第2期258-277,共20页
Threshold proxy re-encryption(TPRE)can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies,and can also provide normal ... Threshold proxy re-encryption(TPRE)can prevent collusion between a single proxy and a delegatee from converting arbitrary files against the wishes of the delegator through multiple proxies,and can also provide normal services even when certain proxy servers are paralyzed or damaged.A non-interactive identity-based TPRE(IB-TPRE)scheme over lattices is proposed which removes the public key certificates.To accomplish this scheme,Shamir’s secret sharing is employed twice,which not only effectively hides the delegator’s private key information,but also decentralizes the proxy power by splitting the re-encryption key.Robustness means that a combiner can detect a misbehaving proxy server that has sent an invalid transformed ciphertext share.This property is achieved by lattice-based fully homomorphic signatures.As a result,the whole scheme is thoroughly capable of resisting quantum attacks even when they are available.The security of the proposed scheme is based on the decisional learning with error hardness assumption in the standard model.Two typical application scenarios,including a file-sharing system based on a blockchain network and a robust key escrow system with threshold cryptography,are presented. 展开更多
关键词 Post-quantum cryptography Threshold proxy re-encryption LATTICES ROBUSTNESS DECENTRALIZATION
原文传递
New Constructions for Identity-Based Unidirectional Proxy Re-Encryption 被引量:2
13
作者 赖俊祚 朱文涛 +2 位作者 邓慧杰 刘胜利 寇卫东 《Journal of Computer Science & Technology》 SCIE EI CSCD 2010年第4期793-806,共14页
We address the cryptographic topic of proxy re-encryption (PRE), which is a special public-key cryptosystem. A PRE scheme allows a special entity, known as the proxy, to transform a message encrypted with the public... We address the cryptographic topic of proxy re-encryption (PRE), which is a special public-key cryptosystem. A PRE scheme allows a special entity, known as the proxy, to transform a message encrypted with the public key of a delegator (say Alice), into a new ciphertext that is protected under the public key of a delegatee (say Bob), and thus the same message can then be recovered with Bob's private key. In this paper, in the identity-based setting, we first investigate the relationship between so called mediated encryption and unidirectional PRE. We provide a general framework which converts any secure identity-based unidirectional PRE scheme into a secure identity-based mediated encryption scheme, and vice versa. Concerning the security for unidirectional PRE schemes, Ateniese et al. previously suggested an important property known as the master secret security, which requires that the coalition of the proxy and Bob cannot expose Alice's private key. In this paper, we extend the notion to the identity-based setting, and present an identity-based unidirectional PRE scheme, which not only is provably secure against the chosen eiphertext attack in the standard model but also achieves the master secret security at the same time. 展开更多
关键词 identity-based encryption (IBE) unidirectional proxy re-encryption mediated encryption (mE) chosen ci-phertext attack (CCA) master secret security (MSS).
原文传递
Efficient and Provably-Secure Certificateless Proxy Re-encryption Scheme for Secure Cloud Data Sharing 被引量:2
14
作者 王亮亮 陈克非 +1 位作者 毛贤平 王永涛 《Journal of Shanghai Jiaotong university(Science)》 EI 2014年第4期398-405,共8页
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry... In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography. 展开更多
关键词 cloud computing secure data sharing proxy re-encryption(PRE) certificateless encryption key escrow computational Diffie-Hellman(CDH) problem random oracle
原文传递
Proxy Re-Encryption Based Multi-Factor Access Control for Ciphertext in Cloud
15
作者 SUMang WANG Liangchen +1 位作者 FUAnmin YU Yan 《Journal of Shanghai Jiaotong university(Science)》 EI 2018年第5期666-670,共5页
Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the informat... Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the information. As an important technology of cloud security, access control should take account of multi-factor and ciphertext to satisfy the complex requirement for cloud data protection. We propose a proxy re-encryption (PRE) based multi-factor access control (PMAC) for cipher text in the above background. The PMAC adapts to the privacy and the protection of data confidently. We explain the motivation and some assumptions of PMAC at first. Then we define system model and algorithm. The system model and algorithm show how to create the data with corresponding accessing Policy and how to grant and revoke the nermission. 展开更多
关键词 proxy re-encryption (PRE) access control multi-factor cipher text cloud computing
原文传递
Secure Proxy Re-Encryption from CBE to IBE
16
作者 CHEN Yan ZHANG Futai 《Wuhan University Journal of Natural Sciences》 CAS 2008年第6期657-661,共5页
In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. Th... In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude "safe". Furthermore, it is compatible with current IBE (identity-based encryption) deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem. 展开更多
关键词 proxy re-encryption traditional public key encryption identity-based public key encryption Decisional Bilinear Diffie-Hellman problem random oracle model
原文传递
On the Privacy-Preserving Outsourcing Scheme of Reversible Data Hiding over Encrypted Image Data in Cloud Computing 被引量:11
17
作者 Lizhi Xiong Yunqing Shi 《Computers, Materials & Continua》 SCIE EI 2018年第6期523-539,共17页
Advanced cloud computing technology provides cost saving and flexibility of services for users.With the explosion of multimedia data,more and more data owners would outsource their personal multimedia data on the clou... Advanced cloud computing technology provides cost saving and flexibility of services for users.With the explosion of multimedia data,more and more data owners would outsource their personal multimedia data on the cloud.In the meantime,some computationally expensive tasks are also undertaken by cloud servers.However,the outsourced multimedia data and its applications may reveal the data owner’s private information because the data owners lose the control of their data.Recently,this thought has aroused new research interest on privacy-preserving reversible data hiding over outsourced multimedia data.In this paper,two reversible data hiding schemes are proposed for encrypted image data in cloud computing:reversible data hiding by homomorphic encryption and reversible data hiding in encrypted domain.The former is that additional bits are extracted after decryption and the latter is that extracted before decryption.Meanwhile,a combined scheme is also designed.This paper proposes the privacy-preserving outsourcing scheme of reversible data hiding over encrypted image data in cloud computing,which not only ensures multimedia data security without relying on the trustworthiness of cloud servers,but also guarantees that reversible data hiding can be operated over encrypted images at the different stages.Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme.The computation cost of the proposed scheme is acceptable and adjusts to different security levels. 展开更多
关键词 Cloud data security re-encryption reversible data hiding cloud computing privacy-preserving.
下载PDF
A Practical Group Key Management Algorithm for Cloud Data Sharing with Dynamic Group
18
作者 Wei Song Hua Zou +1 位作者 Haowen Liu Jun Chen 《China Communications》 SCIE CSCD 2016年第6期205-216,共12页
Cloud data sharing service, which allows a group of people to work together to access and modify the shared data, is one of the most popular and efficient working styles in the enterprises. However, the cloud server i... Cloud data sharing service, which allows a group of people to work together to access and modify the shared data, is one of the most popular and efficient working styles in the enterprises. However, the cloud server is not completely trusted, and its security could be compromised by monetary reasons or caused by hacking and hardware errors. Therefore, despite of having advantages of scalability and flexibility, cloud storage service comes with privacy and the security concerns. A straightforward method to protect the user's privacy is to encrypt the data stored at the cloud. To enable the authenticated users to access the encrypted cloud data, a practical group key management algorithm for the cloud data sharing application is highly desired. The existing group key management mechanisms presume that the server is trusted. But, the cloud data service mode does not always meet this condition. How to manage the group keys to support the scenario of the cloud storage with a semi-trusted cloud server is still a challenging task. Moreover, the cloud storage system is a large-scale and open application, in which the user group is dynamic. To address this problem, we propose a practical group key management algorithm based on a proxy re-encryption mechanism in this paper. We use the cloud server to act as a proxy tore-encrypt the group key to allow authorized users to decrypt and get the group key by their private key. To achieve the hierarchical access control policy, our scheme enables the cloud server to convert the encrypted group key of the lower group to the upper group. The numerical analysis and experimental results further validate the high efficiency and security of the proposed scheme. 展开更多
关键词 proxy re-encryption group key management bilinear map encrypted cloud storage
下载PDF
Multi-Owner Keyword Search over Shared Data without Secure Channels in the Cloud
19
作者 Yilun Wu Xicheng Lu +3 位作者 Jinshu Su Peixin Chen Xiaofeng Wang Bofeng Zhang 《China Communications》 SCIE CSCD 2017年第5期124-133,共10页
Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support ... Searchable encryption allows cloud users to outsource the massive encrypted data to the remote cloud and to search over the data without revealing the sensitive information. Many schemes have been proposed to support the keyword search in a public cloud. However,they have some potential limitations. First,most of the existing schemes only consider the scenario with the single data owner. Second,they need secure channels to guarantee the secure transmission of secret keys from the data owner to data users. Third,in some schemes,the data owner should be online to help data users when data users intend to perform the search,which is inconvenient.In this paper,we propose a novel searchable scheme which supports the multi-owner keyword search without secure channels. More than that,our scheme is a non-interactive solution,in which all the users only need to communicate with the cloud server. Furthermore,the analysis proves that our scheme can guarantee the security even without secure channels. Unlike most existing public key encryption based searchable schemes,we evaluate the performance of our scheme,which shows that our scheme is practical. 展开更多
关键词 keyword search cloud security secure channels proxy re-encryption
下载PDF
Design of a Secure and Efficient Distributed Cryptographic Storage System
20
作者 杨晓元 朱率率 《China Communications》 SCIE CSCD 2011年第2期66-74,共9页
Proxy Re-encryption(PRE) is greatly concerned by researchers recently. It potentially has many useful applications in network communications and file sharing. Secure distributed cryptographic file system is one of its... Proxy Re-encryption(PRE) is greatly concerned by researchers recently. It potentially has many useful applications in network communications and file sharing. Secure distributed cryptographic file system is one of its applications. But the practical applications of PRE are few. And even fewer of them are tested by systematically designed experiments. Appling a couple of representative algorithms proposed by BBS,Ateniese,Shao,et al.,a distributed file system is designed. In the system,some substitute mechanisms such as data dispersal,dynamic file sharing,are well-applied. A lot of features such as flexible authorization and data redundancy are embraced in the system. The comparison evaluation justified that the system is more practical and efficient. 展开更多
关键词 cryptographic file system proxy re-encryption file sharing data redundancy
下载PDF
上一页 1 2 下一页 到第
使用帮助 返回顶部