Skip to main content
placeholder image

Obfuscating Re-encryption Algorithm with Flexible and Controllable Multihop on Untrusted Outsourcing Server

Journal Article


Abstract

  • An outsourcing re-encryption program can help a ciphertext owner (delegator) transform

    his/her ciphertext into another ciphertext of delegatee. For example, an e-mail receiver can re-transfer

    an encrypted e-mail to his secretary while allowing the e-mail to be readable for her. For a multi-hop

    re-encryption, the delegatee can re-encrypt the ciphertext to another user in delegation chain, repeatedly.

    Traditionally, this transformation is usually conducted by a proxy or an outsourcing server. However,

    the proxy or outsourcing server needs a re-encryption key (i.e., re-key) and the re-encryption program

    must execute in a black-box manner (cannot trace into or debug and monitor the program), and thus the

    outsource server must be semi-trusted. Actually, as the outsource program was run and fully controlled

    by the server, in this paper, we consider a stronger attack in the case that the re-encryption program was

    run on an untrusted/malicious server and even the server can trace into the codes and monitor the variables

    during the executing. We design a secure multi-hop re-encryption scheme, and then convert the re-encryption

    program into an obfuscated version with constant-hiding to ensure no sensitive information be revealed. The

    obfuscator of multi-hop re-encryption is to faithfully hide the program and its sensitive data that takes a

    re-encryption program/circuit as input and outputs another program with the same functionality, while

    revealing no more sensitive information (i.e., sensitive key and plaintext) than learns from the blackbox

    oracle access to the original program. We also present a flexible and controllable construction of

    re-encryption scheme, functionality model and its obfuscation version in leveled multilinear groups, and

    exemplify some scenarios to deploy in various applications. Finally, we provide the performance analysis

    of the obfuscator, such as functionality preservation of consistency, polynomial slowdown of performance,

    and average-case virtual black-box of security, and show that the obfuscator is efficient and practical in use.

Authors

  •   Zhang, Mingwu (external author)
  •   Jiang, Yan (external author)
  •   Mu, Yi (external author)
  •   Susilo, Willy

Publication Date

  • 2017

Citation

  • Zhang, M., Jiang, Y., Mu, Y. & Susilo, W. (2017). Obfuscating Re-encryption Algorithm with Flexible and Controllable Multihop on Untrusted Outsourcing Server. IEEE Access, 5 26419-26434.

Scopus Eid

  • 2-s2.0-85034273420

Number Of Pages

  • 15

Start Page

  • 26419

End Page

  • 26434

Volume

  • 5

Place Of Publication

  • United States

Abstract

  • An outsourcing re-encryption program can help a ciphertext owner (delegator) transform

    his/her ciphertext into another ciphertext of delegatee. For example, an e-mail receiver can re-transfer

    an encrypted e-mail to his secretary while allowing the e-mail to be readable for her. For a multi-hop

    re-encryption, the delegatee can re-encrypt the ciphertext to another user in delegation chain, repeatedly.

    Traditionally, this transformation is usually conducted by a proxy or an outsourcing server. However,

    the proxy or outsourcing server needs a re-encryption key (i.e., re-key) and the re-encryption program

    must execute in a black-box manner (cannot trace into or debug and monitor the program), and thus the

    outsource server must be semi-trusted. Actually, as the outsource program was run and fully controlled

    by the server, in this paper, we consider a stronger attack in the case that the re-encryption program was

    run on an untrusted/malicious server and even the server can trace into the codes and monitor the variables

    during the executing. We design a secure multi-hop re-encryption scheme, and then convert the re-encryption

    program into an obfuscated version with constant-hiding to ensure no sensitive information be revealed. The

    obfuscator of multi-hop re-encryption is to faithfully hide the program and its sensitive data that takes a

    re-encryption program/circuit as input and outputs another program with the same functionality, while

    revealing no more sensitive information (i.e., sensitive key and plaintext) than learns from the blackbox

    oracle access to the original program. We also present a flexible and controllable construction of

    re-encryption scheme, functionality model and its obfuscation version in leveled multilinear groups, and

    exemplify some scenarios to deploy in various applications. Finally, we provide the performance analysis

    of the obfuscator, such as functionality preservation of consistency, polynomial slowdown of performance,

    and average-case virtual black-box of security, and show that the obfuscator is efficient and practical in use.

Authors

  •   Zhang, Mingwu (external author)
  •   Jiang, Yan (external author)
  •   Mu, Yi (external author)
  •   Susilo, Willy

Publication Date

  • 2017

Citation

  • Zhang, M., Jiang, Y., Mu, Y. & Susilo, W. (2017). Obfuscating Re-encryption Algorithm with Flexible and Controllable Multihop on Untrusted Outsourcing Server. IEEE Access, 5 26419-26434.

Scopus Eid

  • 2-s2.0-85034273420

Number Of Pages

  • 15

Start Page

  • 26419

End Page

  • 26434

Volume

  • 5

Place Of Publication

  • United States