R&D: Proxy Re-Encryption Scheme for Decentralized Storage Networks
Proposed scheme does not require proxy to transfer ciphertext into new one; it reduces computation and operation time when allowing new user to access file.
This is a Press Release edited by StorageNewsletter.com on June 28, 2022 at 2:03 pm

Applied Sciences has published an article written by Jia Kan, Department of Communications and Networking, Xi’an Jiaotong-Liverpool University, Suzhou 215123, China, and College of Data Science, Taiyuan University of Technology, Taiyuan 030024, China; Jie Zhang, Department of Communications and Networking, Xi’an Jiaotong-Liverpool University, Suzhou 215123, China; Dawei Liu, Cyber Technology Institute, De Montfort University, Leicester LE1 9BH, UK; and Xin Huang, College of Data Science, Taiyuan University of Technology, Taiyuan 030024, China.
Abstract: “Storage is a promising application for permission-less blockchains. Before blockchain, cloud storage was hosted by a trusted service provider. The centralized system controls the permission of the data access. In web3, users own their data. Data must be encrypted in a permission-less decentralized storage network, and the permission control should be purely cryptographic. Proxy re-encryption (PRE) is ideal for cryptographic access control, which allows a proxy to transfer Alice’s ciphertext to Bob with Alice’s authorization. The encrypted data are stored in several copies for redundancy in a permission-less decentralized storage network. The redundancy suffers from the outsourcing attack. The malicious resource provider may fetch the content from others and respond to the verifiers. This harms data integrity security. Thus, proof-of-replication (PoRep) must be applied to convince the user that the storage provider is using dedicated storage. PoRep is an expensive operation that encodes the original content into a replication. Existing PRE schemes cannot satisfy PoRep, as the cryptographic permission granting generates an extra ciphertext. A new ciphertext would result in several expensive replication operations. We searched most of the PRE schemes for the combination of the cryptographic methods to avoid transforming the ciphertext. Therefore, we propose a new PRE scheme. The proposed scheme does not require the proxy to transfer the ciphertext into a new one. It reduces the computation and operation time when allowing a new user to access a file. Furthermore, the PRE scheme is CCA (chosen-ciphertext attack) secure and only needs one key pair.”