A pairing-free certificate-based proxy re-encryption scheme for secure data sharing in public clouds

• This paper proposes a pairing-free certificate-based proxy re-encryption scheme.
• The scheme is proven secure under the classic CDH assumption.
• The scheme is particularly suitable for the computation-limited devices.

To assure the confidentiality of the sensitive data stored in public cloud storages, the data owners should encrypt their data before submitting them to the clouds. However, it brings new challenge for us to effectively share the encrypted data in the public clouds. The paradigm of proxy re-encryption provides a promising solution to data sharing as it enables a data owner to delegate the decryption rights of the encrypted data to the authorized recipients without any direct interaction. Certificate-based proxy re-encryption is a new cryptographic primitive to effectively support the data confidentiality in public cloud storages, which enjoys the advantages of certificate-based encryption while providing the functionalities of proxy re-encryption. In this paper, we propose a certificate-based proxy re-encryption scheme without bilinear pairings. The proposed scheme is proven secure under the computational Diffie-Hellman assumption in the random oracle model. Due to avoiding the time-consuming bilinear pairing operations, the proposed scheme significantly reduces the computation cost. Compared to the previous certificate-based proxy re-encryption schemes with bilinear pairings, it enjoys obvious advantage in the computation efficiency, and thus is more suitable for the computation-limited or power-constrained devices.