PAC: Privacy preserving proxy re-encryption for access control in public cloud

Proxy re-encryption is an essential prerequisite that facilitates a foreign entity (e.g., cloud server) to enforce the access of provisions of a document extended by one user to another user. While performing this task it is essential that the foreign entity does not learn any information about the actual document inside the encrypted envelop. In this paper, we present a scheme on Privacy-preserving Proxy Re-encryption for Access Control in Public Cloud, termed as PAC, that provides the proxy re-encryption of attribute-based encrypted data with receiver privacy. The proposed PAC scheme enables a proxy server to perform the re-encryption operation without learning anything about the data or the access policy. The PAC provides data confidentiality, and preserves receiver privacy. We show the PAC scheme adaptively secure against indistinguishability of ciphertext policy and chosen-plaintext attack (IND-CP-CPA) under the 2-Decisional Bilinear Diffie-Hellman Inversion assumption. The scheme is implemented on Google cloud instance and the experimental results show that the PAC scheme is storage and computation-efficient when compared to other related schemes.