Flexible attribute-based proxy re-encryption for efficient data sharing

An increasing number of people are sharing their data through third-party platforms. Attribute-based encryption (ABE) is a promising primitive that allows enforcing fine-grained access control on the data to be shared. An issue in ABE is that a priori access policies should be determined during the system setup or encryption phase, but these policies will become obsolete over time. Another issue is that the decryption of ABE generally requires complicated and expensive computations, which may be unaffordable for resource-limited users (e.g., mobile-device users). To address these issues, we propose a new paradigm called hybrid attribute-based proxy re-encryption (HAPRE). In HAPRE, a semitrusted proxy can be authorized to convert ciphertexts of an ABE scheme into ciphertexts of an identity-based encryption (IBE) scheme without letting the proxy know the underlying messages. With these features, HAPRE enables resource-limited users to efficiently access the data previously encrypted by ABE. We construct two HAPRE schemes by utilizing a compact IBE scheme and a key rerandomization technique, and then we prove that the schemes are semantically secure and collusion resistant. Theoretical and experimental analyses demonstrate the efficiency of the HAPRE schemes.