^{1}

^{2}

^{3}

^{1}

^{2}

^{3}

Time- and ID-based proxy reencryption scheme is proposed in this paper in which a type-based proxy reencryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. However, in some applications, the time within which the data was sampled or collected is very critical. In such applications, for example, healthcare and criminal investigations, the delegatee may be interested in only some of the messages with some types sampled within some time bound instead of the entire subset. Hence, in order to carter for such situations, in this paper, we propose a time-and-identity-based proxy reencryption scheme that takes into account the time within which the data was collected as a factor to consider when categorizing data in addition to its type. Our scheme is based on Boneh and Boyen identity-based scheme (BB-IBE) and Matsuo’s proxy reencryption scheme for identity-based encryption (IBE to IBE). We prove that our scheme is semantically secure in the standard model.

A proxy reencryption (PRE) scheme involves three parties: delegator (Alice), delegatee (Bob), and a proxy (semitrusted third party). Alice assigns a key to a proxy to reencrypt all her messages encrypted with her public key such that the reencrypted ciphertexts can be decrypted with Bob’s private key. Due to this delegation of decrypting capability, various applications of PRE have been suggested, for example, email forwarding, digital rights management (DRM), law enforcement, and secure network file storage [

Based on a simple modification of the ElGamal encryption scheme, Blaze et al. [

In 2008, Tang [

As pointed out in [

Despite this advantage, however, in some applications, instead of delegating all the messages under a type-based subset, the delegator may be required to delegate just some of the messages within the subset. This may be because the delegate could be interested in specific messages collected or sampled within a specified period of time. For example, (1) in healthcare, a physician maybe interested only in a patient’s recent (e.g., last five months) prescription history to check if his/her recent drug interactions could conflict with the proposed course of treatment. (2) In criminal investigations, an investigator may only be interested in video footage from closed circuit television recordings (CCTV) of the crime scene that were taken within the time bound of the occurrence of the crime. In view of such cases, we argue that incorporating an element of time period (e.g., hours, days, etc.) in TBE would give the delegator more flexibility to provide the proxy with more fine-grained reencryption capabilities. Hence, in this paper we propose a time-and-identity-based proxy reencryption scheme (

In this section, we first review the basic concept of the bilinear maps and related assumptions. Then, a brief discussion of IBE and TIB-PRE together with their respective security models will follow [

Let

We assume that there is an efficient algorithm

The decisional bilinear Diffie-Hellman (dBDH) problem in groups

An IBE scheme consists of four algorithms:

The selective identity chosen plaintext (IND-sID-CPA) security for an IBE scheme is defined as a game between an adversary

Once adversary decides that phase 1 is over, it selects two equal length plaintexts

An IBE scheme is IND-sID-CPA secure if

We define the advantage of adversaries in an IND-sID-CPA games as

We base our definitions on [

A TIB-PRE scheme is a PRE that combines the concepts of both IBE and type-based encryption. The scheme consists of six algorithms:

We model selective identity chosen plaintext security for a TIB-PRE scheme as a game between an adversary

Once adversary decides that phase 1 is over, it selects two equal length plaintexts

he/she cannot issue private key queries for

if there is a

At the end of the game, the adversary’s advantage is defined to be

In this section, we propose our time-and-identity-based proxy reencryption scheme (

Note that

To delegate his decryption right for some message subsets, the delegator makes use of the following algorithms.

Suppose that the

Let

picks

sets

Once adversary decides that phase 1 is over, it selects two equal length plaintexts

In this paper, a time-and-identity based proxy reencryption scheme based on BB-IBE and Matsuo’s PRE scheme has been proposed. Our scheme incorporates concept of time and gives the delegator the flexibility to categorize his/her message into subsets based on some defined time period. We have proven our scheme to be selective identity, chosen plaintext attack (IND-sID-CPA) secure in the standard model based on the decisional BDH assumption in the bilinear groups. Using only one key pair, the delegator in the scheme can provide the proxy with differentiated reencryption capabilities. This work can also be extended and included in various other fields [

The authors declare that there is no conflict of interests regarding the publication of this paper.

This work was supported by the National Research Foundation of Korea Grant funded by the Korean Government (no. NRF-13S1A5B6044042).