Anonymous attribute-based proxy re-encryption for access control in cloud computing

摘要

As a public key cryptographic primitive, attribute-based encryption (ABE) is promising in implementing fine-grained access control in cloud computing. However, before ABE comes into practical applications, two challenging issues have to be addressed, that is, users' attribute privacy protection and access policy update. In this paper, we tackle the aforementioned challenge for the first time by formalizing the notion of anonymous ciphertext-policy attribute-based proxy re-encryption (anonymous CP-ABPRE) and giving out a concrete construction. We propose a novel technique called match-then-re-encrypt, in which a matching phase is additionally introduced before the re-encryption phase. This technique uses special components of the proxy re-encryption key and ciphertext to anonymously check whether the proxy can fulfill a proxy re-encryption or not. Theoretical analysis and simulation results demonstrate that our anonymous CP-ABPRE scheme is secure and efficient. Copyright (c) 2016 John Wiley & Sons, Ltd.