Conditional Identity-Based Broadcast Proxy Re-Encryption and Its Application to Cloud Email

Recently, a number of extended Proxy Re-Encryptions (PRE), e.g. conditional PRE (CPRE), identity-based PRE (IPRE) and broadcast PRE (BPRE), have been proposed for flexible applications. By incorporating CPRE, IPRE and BPRE, this paper proposes a versatile primitive referred to as conditional identity-based broadcast PRE (CIBPRE) and formalizes its semantic security. CIBPRE allows a sender to encrypt a message to multiple receivers by specifying these receivers’ identities, and the sender can delegate a re-encryption key to a proxy so that the proxy can convert the initial ciphertext into a new one for a new set of intended receivers. Moreover, the re-encryption key can be associated with a condition such that only the matching ciphertexts can be re-encrypted, which allows the original sender to enforce access control over his remote ciphertexts in a fine-grained manner. We propose an efficient CIBPRE scheme with provable security. In the instantiated scheme, the initial ciphertext, the re-encrypted ciphertext and the re-encryption key are all of constant size, and the parameters to generate a re-encryption key are independent of the original receivers of any initial ciphertext. Finally, we show an application of our CIBPRE to a secure cloud email system, which is advantageous over existing secure email systems based on the Pretty Good Privacy protocol or identity-based encryption.


  • PRE and IPRE allow only a single receiver. If there are more receivers, the system needs to invoke PRE or IPRE multiple times. To address this issue, the concept of broadcast PRE (BPRE) has been proposed. BPRE works in a similar way to PRE and IPRE but is more versatile.
  • In contrast, BPRE allows a sender to generate an initial ciphertext for a receiver set instead of a single receiver. Further, the sender can delegate a re-encryption key associated with another receiver set, so that the proxy can re-encrypt the ciphertext to that set.
  • A recent conditional proxy broadcast re-encryption scheme allows senders to control the time at which their initial ciphertexts are re-encrypted. When a sender generates a re-encryption key to re-encrypt an initial ciphertext, the sender needs to take the identities of the original receivers of the initial ciphertext as input. In practice, this means that the sender must locally remember the receivers’ identities for all initial ciphertexts. This requirement makes the scheme constrained for memory-limited or mobile senders and efficient only for special applications.


  • The early PRE was proposed in the traditional public-key infrastructure setting, which incurs complicated certificate management.
  • The PRE schemes only allow data sharing in a coarse-grained manner. That is, if the user delegates a re-encryption key to the proxy, all ciphertexts can be re-encrypted and then be accessible to the intended users; otherwise none of the ciphertexts can be re-encrypted or accessed by others.
  • Systems based on PGP and IBE are less efficient in communication and less practical in user experience.
  • Users are not able to share encrypted data with others, which causes many issues.
  • No identity is provided for the public keys used to encrypt data.


  • In this paper, we refine PRE by incorporating the advantages of IPRE, CPRE and BPRE for more flexible applications and propose a new concept of conditional identity-based broadcast PRE (CIBPRE). In a CIBPRE system, a trusted key generation center (KGC) initializes the system parameters of CIBPRE and generates private keys for users.
  • To securely share files with multiple receivers, a sender can encrypt the files with the receivers’ identities and file-sharing conditions. If the sender later wants to share some files associated with the same condition with other receivers, the sender can delegate a re-encryption key labeled with the condition to the proxy, and the parameters used to generate the re-encryption key are independent of the original receivers of these files. The proxy can then re-encrypt the initial ciphertexts matching the condition to the resulting receiver set.
  • With CIBPRE, in addition to the initial authorized receivers who can access the file by decrypting the initial ciphertext with their private keys, the newly authorized receivers can also access the file by decrypting the re-encrypted ciphertext with their private keys.


  • The sender does not need to download and re-encrypt repeatedly, but delegates a single key matching the condition to the proxy. These features make CIBPRE a versatile tool to secure remotely stored files, especially when different receivers need to share the files as time passes.
  • We define a practical security notion for CIBPRE systems. Intuitively, without the corresponding private keys, one can learn nothing about the plaintext hidden in the initial or re-encrypted CIBPRE ciphertext; an initial ciphertext cannot be correctly re-encrypted by a re-encryption key if the ciphertext and the key are associated with different conditions.
  • We propose an efficient CIBPRE that is provably secure in the above adversary model. We prove the IND-sID-CPA security of the proposed CIBPRE scheme, provided that the underlying identity-based broadcast encryption (IBBE) scheme is secure and the Decisional Bilinear Diffie-Hellman (DBDH) assumption holds. Our proposed CIBPRE scheme enjoys constant-size initial and re-encrypted ciphertexts, and eliminates the constraints of the recent work.
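The condition-matching property described above (a re-encryption key labeled with one condition cannot correctly convert a ciphertext bound to another) can be seen in a toy model. This is an added example, not the paper's scheme or the project's code: it swaps in a single-receiver, ElGamal-style proxy re-encryption over a demo-sized group instead of the pairing-based identity-based broadcast construction, and the function names, condition labels and message are constructed for illustration.

```python
import hashlib
import secrets

# 768-bit safe prime from RFC 2409 (Oakley Group 1): demo-sized, not for production.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
        "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2   # prime order of the subgroup generated by G
G = 4

def cond_exp(condition):
    """Hash a condition label to a non-zero exponent below Q."""
    return int.from_bytes(hashlib.sha256(condition.encode()).digest(), "big") + 1

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m, condition):
    """Initial ciphertext for the key holder, bound to `condition`."""
    r = secrets.randbelow(Q - 1) + 1
    return m * pow(G, r, P) % P, pow(pk, r * cond_exp(condition) % Q, P)

def rekey(sk_from, sk_to, condition):
    """Toy simplification: computed from both secret keys (bidirectional)."""
    return sk_to * pow(sk_from * cond_exp(condition) % Q, -1, Q) % Q

def reencrypt(rk, ct):
    """Proxy step: uses only the re-encryption key, never a private key."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def _unmask(c1, c2, exponent):
    g_r = pow(c2, pow(exponent, -1, Q), P)   # recover g^r from the header
    return c1 * pow(g_r, -1, P) % P

def decrypt_initial(sk, ct, condition):
    return _unmask(ct[0], ct[1], sk * cond_exp(condition) % Q)

def decrypt_reencrypted(sk, ct):
    return _unmask(ct[0], ct[1], sk)

def demo():
    a_sk, a_pk = keygen()
    b_sk, _ = keygen()
    m = int.from_bytes(b"constructed mail key", "big")
    rk = rekey(a_sk, b_sk, "project-x")      # key labeled with one condition
    ok = decrypt_reencrypted(b_sk, reencrypt(rk, encrypt(a_pk, m, "project-x")))
    bad = decrypt_reencrypted(b_sk, reencrypt(rk, encrypt(a_pk, m, "payroll")))
    return ok == m, bad == m                 # matching vs. mismatched condition
```

The proxy still produces output for the mismatched ciphertext, but the new receiver recovers an unrelated group element rather than the message.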





  • System: Pentium Dual Core
  • Hard Disk: 120 GB
  • Monitor: 15" LED
  • Input Devices: Keyboard, Mouse
  • RAM: 1 GB


  • Operating System: Windows 7
  • Coding Language: Java/J2EE
  • Tool: NetBeans 7.2.1
  • Database: MySQL


Peng Xu, Member, IEEE, Tengfei Jiao, Qianhong Wu, Member, IEEE, Wei Wang, Member, IEEE, and Hai Jin, Senior Member, IEEE, “Conditional Identity-Based Broadcast Proxy Re-Encryption and Its Application to Cloud Email”, IEEE TRANSACTIONS ON COMPUTERS, VOL. 65, NO. 1, JANUARY 2016.


