Proxy Re-Encryption Scheme for Access Control Enforcement Delegation on Outsourced Data in Public Cloud


Abstract

We consider a model where a large number of data items, each with different access privileges for a set of users, are outsourced and access is to be granted according to the access control policy specified by the data owner. Given this scenario and security goals, we highlight a severe trust issue in existing proxy re-encryption schemes that are extensively used for access control in cloud computing. Typically, using proxy re-encryption schemes, access is managed through delegation of decryption rights from the data owner to a user. In traditional proxy re-encryption schemes, availability of a re-encryption key from a delegator to a delegatee guarantees access delegation irrespective of the delegatee’s access privileges for different data items encrypted under the delegator’s public key. So, employing a re-encryption scheme trivially for access control on outsourced data demands a questionable amount of trust in the re-encrypting proxy not to carry out unauthorized delegations. In this paper, we propose a proxy re-encryption scheme that takes into account the access control policy associated with the data item(s) and, despite the availability of re-encryption key(s), generates a valid re-encrypted ciphertext only if the delegatee is authorized for the data item being re-encrypted. We also propose an access control enforcement delegation scheme for outsourced data in the public cloud based on the proposed proxy re-encryption scheme. The task of enforcing access control according to the data owner’s policy is itself securely outsourced to the semi-trusted cloud service provider. The cloud service provider is unable to learn anything about the underlying plaintext data item, the secrets of the data owner, or the access control policy associated with any data item. The data owner and delegatee users store only their secret keys.
The proposed access control enforcement delegation scheme supports dynamic access control policies and preserves forward and backward secrecy following any dynamic updates in the access policies. We prove the security of the proposed proxy re-encryption scheme and access control scheme in the standard model. The accompanying performance analysis further confirms the applicability of the proposed scheme in real-world settings.
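
The trust issue the abstract describes can be seen in a classic ElGamal-based proxy re-encryption construction (Blaze, Bleumer and Strauss, 1998). The following is an added example, not code from the paper and not the scheme the paper proposes; the group parameters, item names, policy and function names are all constructed for illustration.

```python
import secrets

# Constructed toy parameters (far too small for real use): safe prime P = 2Q + 1,
# G = 4 generates the subgroup of prime order Q.
P, Q, G = 2579, 1289, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1            # sk in [1, Q-1]
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)  # (m * g^r, g^(a*r))

def decrypt(sk, ct):
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)             # strip the key from the exponent
    return (c1 * pow(g_r, -1, P)) % P

def rekey(sk_from, sk_to):
    return (sk_to * pow(sk_from, -1, Q)) % Q     # rk = b / a mod Q

def reencrypt(rk, ct):
    c1, c2 = ct
    return c1, pow(c2, rk, P)                    # g^(a*r) -> g^(b*r); no policy input

def demo():
    owner_sk, owner_pk = keygen()
    bob_sk, _ = keygen()
    # Constructed data items and policy: Bob is authorized for "report" only.
    items = {"report": 1234, "payroll": 2001}
    policy = {"report": {"bob"}, "payroll": set()}
    stored = {name: encrypt(owner_pk, m) for name, m in items.items()}
    rk = rekey(owner_sk, bob_sk)                 # issued once, so Bob can read "report"
    # The proxy applies rk to every stored ciphertext; nothing in the
    # ciphertext or the key ties the transformation to the policy.
    recovered = {n: decrypt(bob_sk, reencrypt(rk, ct)) for n, ct in stored.items()}
    return items, policy, recovered

if __name__ == "__main__":
    items, policy, recovered = demo()
    for name in items:
        print(name, "| bob authorized:", "bob" in policy[name],
              "| bob recovers:", recovered[name])
```

Because `reencrypt` takes only the re-encryption key and the ciphertext, keeping "payroll" away from Bob depends entirely on the proxy choosing not to transform it.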

Pareek, G., & Purushothama, B. R. (2018). Proxy Re-Encryption Scheme for Access Control Enforcement Delegation on Outsourced Data in Public Cloud. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11281 LNCS, pp. 251–271). Springer Verlag. https://doi.org/10.1007/978-3-030-05171-6_13
