Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage

Summary: Improved Proxy Re-Encryption Schemes with Applications to
Secure Distributed Storage
Giuseppe Ateniese Kevin Fu Matthew Green Susan Hohenberger
In 1998, Blaze, Bleumer, and Strauss (BBS) proposed an application called atomic proxy re-encryption,
in which a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the
underlying plaintext. We predict that fast and secure re-encryption will become increasingly popular as
a method for managing encrypted file systems. Although efficiently computable, the wide-spread adop-
tion of BBS re-encryption has been hindered by considerable security risks. Following recent work of
Ivan and Dodis, we present new re-encryption schemes that realize a stronger notion of security and we
demonstrate the usefulness of proxy re-encryption as a method of adding access control to the SFS read-
only file system. Performance measurements of our experimental file system demonstrate that proxy
re-encryption can work effectively in practice.
1 Introduction
Proxy re-encryption allows a proxy to transform a ciphertext computed under Alice's public key into one
that can be opened by Bob's secret key. There are many useful applications of this primitive. For instance,
Alice might wish to temporarily forward encrypted email to her colleague Bob, without giving him her
secret key. In this case, Alice the delegator could designate a proxy to re-encrypt her incoming mail into a
format that Bob the delegatee can decrypt using his own secret key. Clearly, Alice could provide her secret
key to the proxy but this requires an unrealistic level of trust in the proxy.


Source: Amir, Yair - Department of Computer Science, Johns Hopkins University


Collections: Computer Technologies and Information Sciences