2. Mathematical Background
3. Concrete Construction
4. Analysis (Observation)
5. Conclusion
1. Introduction
PRE
In a proxy re-encryption scheme, a proxy can convert an
encryption computed under sender public-key into an
Such a scheme can be used by Alice to temporarily forward encrypted messages to Bob without giving him her secret key.
The proxy and Bob, however, are not allowed to collude; thus it is usually assumed that at least one of the two is honest.
The fundamental property of proxy re-encryption schemes is that the proxy is not fully trusted, i.e., it does not know the secret keys of Alice or Bob and does not learn the plaintext during the conversion.
Proxy re-encryption (PRE)
As shown in the figure, the architecture for the proxy re-encryption system consists of the following entities:
Cont…
To do so in the proxy re-encryption scheme, Alice uses her private key and the public key of Bob to generate a re-encryption key.
Alice then sends the re-encryption key to the server.
Upon receiving this re-encryption key, the server uses the key to transform all the n encrypted messages C1, C2, …, Cn to a new form denoted as D1, D2, …, Dn.
Bob can then download D1, D2, …, Dn, decrypt them, and recover the messages M1, M2, …, Mn using his private key.
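The forwarding flow above, as an added example that is not part of the original slides: a toy Python version of the ElGamal-based re-encryption of Blaze, Bleumer and Strauss cited under Related Work. The group parameters and function names are assumptions made here; in this older scheme the re-encryption key is built from both secret keys rather than from Bob's public key, which is also why the proxy and Bob together can recover Alice's key.

```python
import secrets

# Constructed toy group, far too small for real use: p = 2q + 1 is a safe
# prime and g = 4 generates the subgroup of prime order q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1             # secret exponent in [1, q-1]
    return sk, pow(G, sk, P)                      # (secret key, public key g^sk)

def encrypt(pk, m):
    k = secrets.randbelow(Q - 1) + 1              # fresh randomness per message
    return (m * pow(G, k, P)) % P, pow(pk, k, P)  # (m*g^k, g^(sk*k))

def decrypt(sk, ct):
    c1, c2 = ct
    g_k = pow(c2, pow(sk, -1, Q), P)              # (g^(sk*k))^(1/sk) = g^k
    return (c1 * pow(g_k, -1, P)) % P

def rekey(sk_from, sk_to):
    # BBS re-encryption key sk_to/sk_from mod q; it needs both secret keys,
    # unlike the unidirectional flow described in the slides.
    return (sk_to * pow(sk_from, -1, Q)) % Q

def reencrypt(rk, ct):
    c1, c2 = ct                                   # the server sees no plaintext
    return c1, pow(c2, rk, P)                     # g^(a*k) -> g^(b*k)

def collude(rk, sk_bob):
    # Why the proxy and Bob must not collude: rk = b/a, so a = b/rk.
    return (sk_bob * pow(rk, -1, Q)) % Q

def demo():
    a, pk_a = keygen()                            # Alice
    b, _ = keygen()                               # Bob
    msgs = [pow(G, e, P) for e in (5, 77, 901)]   # M1..Mn as group elements
    C = [encrypt(pk_a, m) for m in msgs]          # stored on the server
    rk = rekey(a, b)                              # handed to the server
    D = [reencrypt(rk, c) for c in C]             # server-side transformation
    return msgs, [decrypt(b, d) for d in D], collude(rk, b) == a
```

The first ciphertext component is unchanged by `reencrypt`, so the transformed ciphertext is the same size as the original.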
Drawbacks of Proxy Re-encryption Based on Integer
Need of digital certificate
Poor in public key management
Not efficient with respect to memory consumption
Related Work
Mambo and Okamoto proposed a technique for delegating decryption rights.
Blaze, Bleumer and Strauss [2] later presented the first secure “atomic” re-encryption primitive.
Jakobsson [4], and Zhou et al. [14] addressed this collusion problem via quorum-based protocols which divided the proxy into many distinct components.
Dodis and Ivan [5] realized a form of unidirectional proxy encryption by doubly-encrypting messages under two separate keys.
Identity-Based Proxy Re-encryption
Identity-based proxy re-encryption was first introduced by Shamir in 1984.
In identity-based proxy re-encryption (IBE), senders encrypt messages using the recipient’s identity (a string) as the public key.
The identity used for encryption can be anything that uniquely describes the receiver's identity, such as:
Email address
Passport number
Identity-Based Encryption (IBE)
An Identity-Based Encryption (IBE) scheme consists of the four algorithms below.
Setup (λ): The setup algorithm takes as input a security parameter λ. It outputs (PK, MK), where PK denotes the public key and MK denotes
KeyGen (, MK): For each user’s private key request, the key extraction algorithm takes as input a user's access structure (resp. identity set) and the identity authority's master key MK. It outputs the user's private key SK.
Encrypt (M,): The encryption algorithm takes as input a message M and the identity set (resp. access structure) . It outputs the ciphertext CT with access policy.
Decrypt (CT, SK): The decryption algorithm takes as input a ciphertext CT, which was assumed to be encrypted under the identity set (resp. access structure), and the private key SK for the access structure (resp. attribute set). It outputs the message M if (, ) = 1 and the error symbol ⊥ otherwise, where the predicate is predefined.
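The four algorithms above, made concrete in an added example that is not from the original slides: Cocks' quadratic-residue IBE, a different and simpler construction than the pairing-based scheme this deck builds on, chosen because it runs with the Python standard library alone. The function names, the toy modulus and the one-bit message encoding are assumptions made here.

```python
import hashlib
import secrets

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def setup():
    # Constructed toy master key: two Mersenne primes, both 3 mod 4. Not secure.
    p, q = 2**89 - 1, 2**107 - 1
    return p * q, (p, q)                          # (PK, MK)

def hash_id(identity, pk):
    # Map the identity string to a value a with Jacobi symbol (a/PK) = +1.
    ctr = 0
    while True:
        digest = hashlib.sha256(f"{identity}|{ctr}".encode()).digest()
        a = int.from_bytes(digest, "big") % pk
        if jacobi(a, pk) == 1:
            return a
        ctr += 1

def keygen(identity, pk, mk):
    p, q = mk                                     # only the PKG knows p and q
    return pow(hash_id(identity, pk), (pk + 5 - p - q) // 8, pk)  # r*r = +a or -a

def encrypt_bit(bit, identity, pk):
    a, m, out = hash_id(identity, pk), (1 if bit else -1), []
    for sign in (1, -1):                          # one value for each case of r*r
        t = secrets.randbelow(pk - 1) + 1
        while jacobi(t, pk) != m:
            t = secrets.randbelow(pk - 1) + 1
        out.append((t + sign * a * pow(t, -1, pk)) % pk)
    return tuple(out)

def decrypt_bit(ct, sk, identity, pk):
    c = ct[0] if pow(sk, 2, pk) == hash_id(identity, pk) else ct[1]
    return 1 if jacobi(c + 2 * sk, pk) == 1 else 0
```

The sender needs only the public modulus and the recipient's identity string; the private key exists only once the key generator runs `keygen` with the master key.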
Motivation of the Scheme
The idea is that any easy-to-remember string can be a public key.
The motivation for IBE schemes is to simplify key management and remove the need for public key certificates as much as possible:
since a key is the identity of its owner, there is no need to bind them by a digital certificate, and a public repository containing a list of user names and their associated public keys becomes useless since public keys are human-memorable.
Cont…
End users do not have to enquire for a certificate for their public key.
The only things that still must be certified are the public keys of trusted authorities called private key generators (PKGs), which have to generate the private keys associated with users' identities using their secret key.
This does not completely remove the need for certificates but, since many users depend on the same authority, this need is drastically reduced.
Architecture of Identity-Based Proxy Re-Encryption
Properties of the Scheme
Unidirectionality
Non-interactivity (to secure private key)
Multiple-use capability: permits the proxy (or proxies) to perform multiple consecutive re-encryptions on a ciphertext.
Space-optimality: doesn’t incur additional communication costs in order to support re-encryption.
The presented scheme is an identity-based proxy re-encryption (IB-PRE) scheme; such schemes allow a proxy to translate a ciphertext encrypted under the sender's identity into one computed under the receiver's identity.
2. Mathematical Background
Definition 1: Bilinear map
Cont…
Example: Z_p^* with p = 7: {1, 2, 3, 4, 5, 6}
Definition 2: Decisional Bilinear Diffie-Hellman Assumption (DBDH).
The schemes are based on the assumed intractability of the Decisional Bilinear Diffie-Hellman problem (DBDH) in G, GT.
This assumption is believed to hold in certain groups, and is used as the basis of several Identity-Based Encryption schemes.
3. Concrete Construction
Cont…
Decryption
Correctness
An IB-PRE scheme is correct if the Decrypt algorithm always outputs the expected decryption of a properly generated ciphertext (when supplied with the appropriate decryption key).
We define “proper generation” as the process of
encrypting a plaintext using Encrypt, and
subsequently iteratively applying the Reencrypt algorithm up to MaxLevels−1 times using valid re-encryption keys.
Validity of Correctness
Final stage of correctness
4. Analysis (Observation)
The presented scheme solves the problem of the untrusted proxy using a different approach, which is unidirectional and non-interactive, by giving all the delegation authority to the user.
Cont…
The proposed scheme has multi-use capability and is space-optimal.
Cont…
It is possible to forget a public-key identity such as an e-mail address or passport number. In this regard, if the public key used for encryption is biometric information, this will be robust.
5. Conclusion and future work
In this work the researcher introduced new constructions enabling non-interactive, unidirectional proxy re-encryption in the IBE setting.
Cont…
An interesting open problem is to find efficient constructions for multi-use CCA-secure IBE-PRE schemes.
Thank You
Xie Xie
Nov, 2019
UESTC