Content deleted Content added
m Removing from Category:Cryptography because it is already in child cat using Cat-a-lot |
Citation bot (talk | contribs) Add: url. | Use this bot. Report bugs. | Suggested by SemperIocundus | #UCB_webform 1484/2500 |
||
Line 13:
** A ''uni-directional scheme'' is effectively one-way; messages can be re-encrypted from Bob to Charlie, but not the reverse. Uni-directional schemes can be constructed such that the delegated party need not reveal its secret key. For example, Bob could delegate to Charlie by combining his secret key with Charlie's public key.
* '''Transitivity''' – Transitive proxy re-encryption schemes allow for a ciphertext to be re-encrypted an unlimited number of times. For example, a ciphertext might be re-encrypted from Bob to Charlie, and then again from Charlie to David and so on. Non-transitive schemes allow for only one (or a limited number) of re-encryptions on a given ciphertext. Most known schemes are bi-directional and transitive. Currently, the only known uni-directional, transitive proxy re-encryption is done through the use of [[Homomorphic encryption|Homomorphic Encryption]].<ref>{{Cite book|url=https://crypto.stanford.edu/craig/craig-thesis.pdf|title=A Fully Homomorphic Encryption System|last=Gentry|first=Craig|date=September 2009|pages=35}}</ref>
* '''Cloud Computing''' – Proxy re-encryption has potential applications for secure sharing in a cloud computing environment. In the cloud scenario the re-encryption key is provided to the cloud operator/admin. Looking at the Bob, Charlie, David example, the cloud would take the place of Charlie. Bob generates a re-encryption key to supply to the cloud. The cloud operator/admin completes a re-encrypt of Bob’s encrypted files into David’s files whenever David downloads Bob’s files. Challenges exist with the cloud solution. A user could conspire with a cloud operator to gain access to all a user’s, such as Bob, files. A second potential challenge is segmentation via access control. A cloud user can restrict access to files via the assignment of conditional values. However, the number of re-encryption keys grows proportionately with the number of conditional values. This situation is not optimal for resource constrained devices.<ref>{{cite journal |last1=W. Chen, C. Fan, Y. Tseng |title=Efficient Key-Aggregate Proxy Re-Encryption for Secure Data Sharing in Clouds |journal=2018 IEEE Conference on Dependable and Secure Computing (DSC) |pages=1–4 |date=10–13 December 2018 |doi=10.1109/DESEC.2018.8625149|isbn=978-1-5386-5790-4 |s2cid=59232591 |url=http://etd.lib.nsysu.edu.tw/ETD-db/ETD-search/view_etd?URN=etd-0721117-175956 }}</ref>
Proxy re-encryption should not be confused with [[proxy signatures]], which is a separate construction with a different purpose.
| |||