Journal of Applied Mathematics

Volume 2014, Article ID 329198, 7 pages

http://dx.doi.org/10.1155/2014/329198

## Time-and-ID-Based Proxy Reencryption Scheme

^{1}Department of IT Convergence and Engineering, Kyungil University, Daegu 712-701, Republic of Korea^{2}School of Computer Science and Engineering, Kyungpook National University, Daegu 702-701, Republic of Korea^{3}Department of Multimedia, Sungkyul University, Anyang-si 430-742, Republic of Korea

Received 28 December 2013; Accepted 4 February 2014; Published 22 May 2014

Academic Editor: Jongsung Kim

Copyright © 2014 Kambombo Mtonga et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

Time- and ID-based proxy reencryption scheme is proposed in this paper in which a type-based proxy reencryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. However, in some applications, the time within which the data was sampled or collected is very critical. In such applications, for example, healthcare and criminal investigations, the delegatee may be interested in only some of the messages with some types sampled within some time bound instead of the entire subset. Hence, in order to carter for such situations, in this paper, we propose a time-and-identity-based proxy reencryption scheme that takes into account the time within which the data was collected as a factor to consider when categorizing data in addition to its type. Our scheme is based on Boneh and Boyen identity-based scheme (BB-IBE) and Matsuo’s proxy reencryption scheme for identity-based encryption (IBE to IBE). We prove that our scheme is semantically secure in the standard model.

#### 1. Introduction

A proxy reencryption (PRE) scheme involves three parties: delegator (Alice), delegatee (Bob), and a proxy (semitrusted third party). Alice assigns a key to a proxy to reencrypt all her messages encrypted with her public key such that the reencrypted ciphertexts can be decrypted with Bob’s private key. Due to this delegation of decrypting capability, various applications of PRE have been suggested, for example, email forwarding, digital rights management (DRM), law enforcement, and secure network file storage [1–4]. Charlie provides multiple-hop or multiuse proxy to the systems while PRE schemes could be defined based on the direction of operation, number of hops (possible reencryption), and their structure.* Unidirectional* PRE implies that the proxy can reencrypt a message from Alice to Bob but cannot reencrypt a message from Bob to Alice using the same key, while* bidirectional* PRE applies from sender to recipient and vice versa. PRE schemes capable of reencrypting a message from Alice to Bob and then from Bob to Charlie are said to be a multihop or multi-use proxy [5, 6]. On the other hand, single-hop schemes use a specific key to reencrypt between only two entities. It is important that the PRE scheme should at least satisfy the following requirements: (1) a proxy alone cannot obtain the underlying plaintext and (2) delegatee cannot obtain the underlying plaintext without the proxy’s cooperation.

Based on a simple modification of the ElGamal encryption scheme, Blaze et al. [7] in 1998 proposed the first PRE scheme where the proxy is kept from knowing plaintexts and secret keys [8]. Ateniese et al. [1] proposed a number of unidirectional PRE schemes and discussed their several potential applications such as distributed secure file systems. Later, many unidirectional PRE schemes with different properties have been proposed [9–11]. In recent past, the concept of identity-based proxy reencryption (IB-PRE) has gained popularity among researchers [12, 13]. It (IBE) was first introduced by Shamir [14]. The main idea of ID-based cryptosystems is that the identity information of each user (such as E-mail addresses, security number, or IP addresses) works as his/her public key. In other words, the user’s public key can be calculated directly from his/her identity rather than being extracted from a certificate issued by a certificate authority (CA) as is the case in certificate-based cryptosystems. ID-based public key setting serves as a good alternative for certificate-based public key setting, especially when efficient key management and moderate security are required. After Boneh and Franklin [15] proposed a practical IBE scheme, Green and Ateniese later [16] proposed the first IB-PRE scheme. IB-PRE is IBE which permits delegation of decryption capability. They also discussed its several interesting applications such as bridging IBE and public key encryption (PKE). Since then, several IB-PRE schemes have been proposed [17, 18]. In IB-PRE, a user who has a secret key corresponding to his/her public identity can decrypt a ciphertext encrypted with his/her identity as in IBE. In 2007, Matsuo proposed the concept of four types of PRE schemes: certificate-based PKE (CBE) to CBE, IBE to CBE, CBE to IBE, and IBE to IBE [19]. Matsuo’s schemes are based on ElGamal-type CBE scheme and BB-IBE [20]. Now CBE to IBE and IBE to IBE PRE schemes are being standardized by IEEEP1363.3 working group [21].

In 2008, Tang [22] first introduced the concept of type-based PRE (TB-PRE). He proposed two schemes; one scheme achieved ciphertext privacy and was proved chosen plaintext attack (IND-PR-CPA) secure under the eXternalDiffie-Hellman (XDH) and co-BDH assumptions, while the other scheme achieved chosen ciphertext attack (IND-PR-CCA) security under the knowledge of exponent (KE) and the bilinear Diffie-Hellman (BDH) assumptions. In a TB-PRE scheme, the delegator categorizes his/her messages (ciphertexts) into different subsets and is capable of delegating the decryption right of each subset to a specific delegatee. The ciphertexts for the delegator are generated based on the delegator’s public key and the message type which is used to identify the message subset. TB-PRE as a variant of PRE could be considered as a subset of conditional proxy reencryption (C-PRE). In C-PRE schemes, ciphertexts are generated with respect to a certain condition and the proxy can translate a ciphertext only if the associated condition is satisfied [23, 24]. Ibraimi et al. [25] proposed the first type-and-identity-based proxy reencryption (TIB-PRE) scheme based on the Boneh-Franklin IBE scheme. Their scheme was proved semantically secure against an adaptive chosen plaintext attack for the delegator (IND-ID-DR-CPA). They further showed how their scheme could be used by a patient to enforce his/her personal health record (PHR) disclosure policies. A TIB-PRE scheme is basically a TB-PRE scheme that encompasses IBE and PRE.

##### 1.1. Motivation and Contribution

As pointed out in [22, 25], the existing PRE schemes have a limitation in that the proxy could reencrypt all ciphertexts encrypted under delegator’s public key and pass them to the delegatee. In order to implement fine-grained access control policies, the delegator (1) can choose a different key pair for each possible subset of his/her messages and choose a proxy to delegate his decryption right or (2) can choose to trust the proxy to enforce his policies by reencrypting the predefined subset of his ciphertexts to the specific delegatee. However, both of these approaches are infeasible in practice because they are too involving for the delegator and also demand strong trust on the proxy. On the other hand, in a type-based proxy reencryption scheme, the delegator can categorize his messages (ciphertexts) into different subsets and is capable of delegating the decryption right of each subset to a specific delegatee. Hence, type-based proxy reencryption enables the delegator to implement fine-grained policies with one key pair and without any additional trust on the proxy.

Despite this advantage, however, in some applications, instead of delegating all the messages under a type-based subset, the delegator may be required to delegate just some of the messages within the subset. This may be because the delegate could be interested in specific messages collected or sampled within a specified period of time. For example, (1) in healthcare, a physician maybe interested only in a patient’s recent (e.g., last five months) prescription history to check if his/her recent drug interactions could conflict with the proposed course of treatment. (2) In criminal investigations, an investigator may only be interested in video footage from closed circuit television recordings (CCTV) of the crime scene that were taken within the time bound of the occurrence of the crime. In view of such cases, we argue that incorporating an element of time period (e.g., hours, days, etc.) in TBE would give the delegator more flexibility to provide the proxy with more fine-grained reencryption capabilities. Hence, in this paper we propose a time-and-identity-based proxy reencryption scheme (-IB-PRE) to solve aforementioned shortfalls in PRE schemes while at the same time adopting the advantages of TB-PRE and IBE schemes. Our scheme is based on BB-IBE and Matsuo’s IBE to IBE PRE schemes. Unlike the existing TB-PRE schemes, the ciphertexts for the delegator in our scheme are generated based on the delegator’s public key and some specified time periods. We find this assumption plausible because it is common practice to attach date and even time to data upon its collection. Note that our scheme can be considered as a special case of TBE. As such we assume that the delegator will first categorize his/her messages into subsets according to type and then, as may be requested by the delegatee, the delegator can further recategorizes the messages into refined subsets depending on specified time period. The reencryption key in our scheme is independent of the delegatee’s private key. As a result, our scheme can achieve master secret security.

#### 2. Preliminaries

In this section, we first review the basic concept of the bilinear maps and related assumptions. Then, a brief discussion of IBE and TIB-PRE together with their respective security models will follow [26].

*Definition 1. *Let and be two cyclic multiplicative groups with prime order . Let be a generator of and let : be a bilinear map with the following properties.(i)*Bilinearity*: for all and for all , we have .(ii)*Nondegeneracy*: the map does not send all pairs in to the identity in . Observe that since and are groups of prime order this implies that if is a generator of , then is a generator of . is said to be a bilinear group if the group operation in and the bilinear map : are both efficiently computable.

We assume that there is an efficient algorithm* Gen* for generating bilinear groups. The algorithm* Gen* takes a security parameter as input and outputs a tuple (, , , , and ).

*Definition 2. *The decisional bilinear Diffie-Hellman (dBDH) problem in groups is as follows. Given with unknown , decide whether . The advantage of an algorithm in solving the dBDH problem is defined as follows:
where the probability is over the random choice of generator , the randomly chosen integers , the random choice of , and the random bits used by . We say that the dBDH assumption holds in if no -time algorithm has advantage at least in solving the dBDH problem in under a security parameter .

##### 2.1. Definition and Security Notion for IBE

*Definition 3. *An IBE scheme consists of four algorithms: , , , and [27].*.* This algorithm takes a security parameter as input and outputs parameters* params* which are distributed to users and the master key which is kept private.*.* This algorithm takes parameters* params*, the master key *,* and an identifier as input and it outputs a private key associated with .*.* This algorithm takes parameters* params*, a message *,* and an identifier as input and outputs a ciphertext encrypted under .*.* This algorithm takes a ciphertext associated with an identifier as input and outputs a message or as an error message.

*Definition 4. *The selective identity chosen plaintext (IND-sID-CPA) security for an IBE scheme is defined as a game between an adversary and a challenger , where the challenger simulates the protocol execution and answers queries from the adversary.*Initialization.* The adversary outputs an identifier where it wishes to be challenged.*.* The challenger runs the setup algorithm and returns parameters* params* to the adversary while keeping the master key to itself.*Phase 1.* The adversary adaptively issues private key queries for . The challenger runs the algorithm and outputs the private keys corresponding to . The challenger sends to the adversary.

Once adversary decides that phase 1 is over, it selects two equal length plaintexts , on which it wishes to be challenged.*Challenge.* Given , the challenger picks a random bit and sends the challenge ciphertext = to the adversary.*Phase 2.* The adversary continues to issue queries as in phase 1 but with restriction that he/she cannot issue private key queries for = . The challenger responds as in phase 1.*Guess.* Finally, the adversary issues a guess . The adversary wins the game if .

An IBE scheme is IND-sID-CPA secure if is negligible.

*Definition 5. *We define the advantage of adversaries in an IND-sID-CPA games as
An IBE system is said to be IND-sID-CPA secure if for any -time IND-sID-CPA adversary that makes at most chosen secret key queries under a security parameter we have . As shorthand, we say that an IBE system is IND-sID-CPA secure.

##### 2.2. Definition and Security Notion for TIBE and TIB-PRE Scheme

*Definition 6. *We base our definitions on [22, 25]. A TIBE scheme consists of four algorithms: , , , and . Both and are run under IBE. Below, we define and . Note that we adopt the notation to stand for message type.*.* This algorithm takes parameters* params*, a message , an identifier , and a message type as input and it outputs a ciphertext encrypted under . Both and are sent to the receiver.*.* This algorithm takes the ciphertext , the private key , and a message type as input. The algorithm outputs a message of type .

*Definition 7. *A TIB-PRE scheme is a PRE that combines the concepts of both IBE and type-based encryption. The scheme consists of six algorithms: , , , , , and . , , , and are defined as above. Below we define and .*.* This algorithm is run by the delegator. It takes a delegator’s private key , the delegator’s identifier , the delegatee’s identifier , and a message type as input. The algorithm outputs as the reencryption key.*.* This algorithm is run by the proxy. It takes the ciphertext associated with delegator’s identifier, the reencryption key , and a message type as input. The algorithm outputs a new ciphertext for delegatee.

*Definition 8. *We model selective identity chosen plaintext security for a TIB-PRE scheme as a game between an adversary and a challenger , where the challenger simulates the protocol execution and answers queries from the adversary.*Initialization.* The adversary outputs an identity and where it wishes to be challenged.*.* The challenger runs the setup algorithm and returns parameters* params* to the adversary while keeping the master key to itself.*Phase 1.* Taking parameters* params* as input, the adversary adaptively issues the following queries.*.* The adversary queries with any identifier . The challenger outputs private keys corresponding to . The challenger sends to adversary.*.* The adversary queries with (, , ). If has been queried to a private key query, then the challenger halts. Otherwise, the challenger outputs a reencryption key for type and sends it to the adversary.*.* The adversary queries the challenger with (, , , ). The challenger first computes , , and returns = , , to the adversary which is obtained by applying the delegation key to .

Once adversary decides that phase 1 is over, it selects two equal length plaintexts , on which it wishes to be challenged.*Challenge.* The challenger picks a random bit and sets the challenge ciphertext to = *params*, , , . It sends as the challenge to the adversary.*Phase 2.* The adversary continues to issue queries as in phase 1 but with restrictions that(i)he/she cannot issue private key queries for ;(ii)if there is a query with (, , , ), then (, , ) has not been queried to .The challenger responds as in phase 1.*Guess.* Finally, the adversary outputs a guess . The adversary wins if = .

At the end of the game, the adversary’s advantage is defined to be .

#### 3. Our Construction

In this section, we propose our time-and-identity-based proxy reencryption scheme (-IB-PRE) based on BB-IBE and Matsuo ID-PRE scheme. We adopt the basic principles of TIB-PRE. First we describe our -IBE scheme followed by a discussion of the delegation process. In our scheme, we assume one level delegation, meaning that the delegatees will not further delegate their decryption rights to other users. We adopt to denote some specified period of time (date, month, or year). Our scheme consists of six algorithms, namely,* Setup*,* KeyGen*,* Pextract*,* Encrypt*,* Preenc,* and* Decryp*.

*.* This algorithm is run by the PKG and works as follows: it takes the security parameter and selects a random generator and random element . Pick a random and set = , = , and* params* = (*, *, ). Here, = is the master secret key and* params* are public parameters.

*.* Here, the PKG takes parameters* params*, master key = , and an identifier as input. The PKG picks a random value and outputs a private key corresponding to , where

*.* To encrypt a message bounded by time , the message sender picks at random, computes = , and outputs ciphertext , where

Note that can be precomputed once and for all so that encryption does not require any pairing computations.

*.* On inputting a ciphertext , a private key , and , the algorithm outputs as follows:

##### 3.1. Delegation Process

To delegate his decryption right for some message subsets, the delegator makes use of the following algorithms.

*.* This algorithm is run by the delegator. It takes private key of delegator , an identifier of delegator and that of delegate , and sometime period as input. The algorithm outputs a reencryption key , where and , .

*.* This algorithm is run by the proxy. It takes a reencryption key and a ciphertext , where . The algorithm outputs a new ciphertext , where
Once delegatee receives the reencrypted ciphertext, he/she can obtain the plaintext by computing

##### 3.2. Security Analysis

Theorem 9. *Suppose that the dBDH assumption holds in . Then, the proposed -IB-PRE scheme is selective identity (IND-sID-CPA) secure for any , , and , where is maximum time for an exponentiation in .*

*Proof. *Let be an adversary against the proposed -IB-PRE scheme in the IND-sID-CPA sense. We construct an adversary which solves the dBDH problem in by utilizing . Algorithm is given as input, where or and . Algorithm works by interacting with in a selective identity game as follows.*Initialization.* The selective identity game begins with outputting a target identity and some fixed .*Setup.* To generate system parameters, algorithm (i)picks ;(ii)sets and and gives parameters to . The corresponding master key unknown to is .*Phase 1.* Taking parameters* params* as input, the adversary adaptively issues the following queries.*Private Keyqueries. * queries with any identifier . outputs private keys corresponding to and sends it to . Here,
Let ; then is valid private key for . This is because
*. * queries with . If (in this case, can be any identity), the simulator first simulates as above and gets . Then, it runs and returns the resulting reencryption key to the adversary. Otherwise, if , rejects the query.*Preenc. * queries the challenger with . only faithfully responds to this query if and . Otherwise, halts.

Once adversary decides that phase 1 is over, it selects two equal length plaintexts , on which it wishes to be challenged.*Challenge.* The challenger picks a random bit and sets the challenge ciphertext to , , ), where . returns to the adversary. Note that if , then is valid encryption of . Otherwise, if is uniform and independent in , then is also independent of in the adversary’s view.*Phase 2.* The adversary issue further queries and responds as in phase 1.*Guess.* Finally, outputs a guess . Algorithm concludes its own game by outputting a guess as follows. If , then outputs 1 meaning . Otherwise, it outputs 0 meaning .

can perfectly simulate the reencryption key for since it looks random and independent of any other values if does not obtain the corresponding private key for . When , then ’s advantage is the same as ’s advantage for solving dBDH problem.

#### 4. Conclusion

In this paper, a time-and-identity based proxy reencryption scheme based on BB-IBE and Matsuo’s PRE scheme has been proposed. Our scheme incorporates concept of time and gives the delegator the flexibility to categorize his/her message into subsets based on some defined time period. We have proven our scheme to be selective identity, chosen plaintext attack (IND-sID-CPA) secure in the standard model based on the decisional BDH assumption in the bilinear groups. Using only one key pair, the delegator in the scheme can provide the proxy with differentiated reencryption capabilities. This work can also be extended and included in various other fields [28–32] including m2m, IoT, and big data.

#### Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

#### Acknowledgment

This work was supported by the National Research Foundation of Korea Grant funded by the Korean Government (no. NRF-13S1A5B6044042).

#### References

- G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved proxy re-encryption schemes with applications to secure distributed storage,”
*ACM Transactions on Information and System Security*, vol. 9, no. 1, pp. 1–30, 2006. View at Google Scholar · View at Scopus - K. H. Choi, K. S. Jang, and H. J. Shin, “Smart home environment for the protection of multimedia digital contents,”
*The Journal of IWIT*, vol. 11, no. 2, pp. 189–196, 2011. View at Google Scholar - C. Chu and W. Tzeng, “Identity-based proxy re-encryption without random oracles,” in
*Information Security*, vol. 4779 of*Lecture Notes in Computer Science*, pp. 189–202, 2007. View at Google Scholar - E. B. Kim, K. I. Kim, T. H. Kim, and S. H. Cho, “A study of partial preview control method of ePUB-based eBook DRM,”
*The Journal of IWIT*, vol. 12, no. 1, pp. 249–256, 2012. View at Google Scholar - G. Ateniese and S. Hohenberger, “Proxy re-signatures: new definitions, algorithms, and applications,” in
*Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS '05)*, pp. 310–319, November 2005. View at Publisher · View at Google Scholar · View at Scopus - B. Libert and D. Vergnaud, “Multi-use unidirectional proxy re-signatures,” in
*Proceedings of the 15th ACM conference on Computer and Communications Security (CCS '08)*, pp. 511–520, October 2008. View at Publisher · View at Google Scholar · View at Scopus - M. Blaze, G. Bleumer, and M. Strauss, “Divertible protocols and atomic proxy cryptography,” in
*Advances in cryptology—EUROCRYPT*, vol. 1403 of*Lecture Notes in Computer Science*, pp. 127–144, 1998. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” in
*Advances in Cryptology*, vol. 196 of*Lecture Notes in Computer Science*, pp. 10–18, 1985. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - J. Shao, Z. Cao, and P. Liu, “SCCR: a generic approach to simultaneously achieve CCA security and collusion-resistance in proxy re-encryption,”
*Security and Communication Networks*, vol. 4, no. 2, pp. 122–135, 2011. View at Publisher · View at Google Scholar · View at Scopus - J. Weng, R. H. Deng, X. Ding, C.-K. Chu, and J. Lai, “Conditional proxy re-encryption secure against chosen-ciphertext attack,” in
*Proceedings of the 4th International Symposium on ACM Symposium on Information, Computer and Communications Security (ASIACCS '09)*, pp. 322–332, March 2009. View at Publisher · View at Google Scholar · View at Scopus - B. Libert and D. Vergnaud, “Unidirectional chosen-ciphertext secure proxy re-encryption,” in
*Public Key Cryptography—PKC*, vol. 4939 of*Lecture Notes in Computer Science*, pp. 360–379, 2008. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - L. Wang, L. Wang, M. Mambo, and E. Okamoto, “New identity-based proxy re-encryption schemes to prevent collusion attacks,” in
*Pairing-Based Cryptography-Pairing*, vol. 6487 of*Lecture Notes in Computer Science*, pp. 327–346, 2010. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - Z.-M. Wan, J. Weng, X.-J. Lai, S.-L. Liu, and J.-G. Li, “On the relation between identity-based proxy re-encryption and mediated identity-based encryption,”
*Journal of Information Science and Engineering*, vol. 27, no. 1, pp. 243–259, 2011. View at Google Scholar · View at MathSciNet - A. Shamir, “Identity-based cryptosystems and signature schemes,” in
*Advances in Cryptology—Crypto*, vol. 196 of*Lecture Notes in Computer Science*, pp. 47–53, 1985. View at Publisher · View at Google Scholar · View at MathSciNet - D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” in
*Advances in Cryptology—CRYPTO*, vol. 2139 of*Lecture Notes in Computer Science*, pp. 213–229, 2001. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - M. Green and G. Ateniese, “Identity-based proxy re-encryption,” in
*Proceedings of the 5th international conference on Applied Cryptography and Network Security (ACNS '07)*, J. Katz and M. Yung, Eds., vol. 4521, pp. 288–306, 2007. View at Publisher · View at Google Scholar - C. Chu and W. Tzeng, “Identity-based proxy re-encryption without random oracles,” in
*Information Security*, vol. 4779, pp. 189–202, 2007. View at Publisher · View at Google Scholar - C. Chu, J. Weng, S. S. M. Chow, J. Zhou, and R. H. Deng, “Conditional proxy broadcast re-encryption,” in
*Information Security and Privacy*, vol. 5594 of*Lecture Notes in Computer Science*, pp. 327–342, 2009. View at Google Scholar - T. Matsuo, “Proxy re-encryption systems for identity-based encryption,” in
*Pairing-Based Cryptography—Pairing 2007*, vol. 4575 of*Lecture Notes in Computer Science*, pp. 246–267, 2007. View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - D. Boneh and X. Boyen, “Efficient selective-ID secure identity-based encryption without random oracles,” in
*Advances in Cryptology—EUROCRYPT*, vol. 3027 of*Lecture Notes in Computer Science*, pp. 223–238, 2004. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - L. Martin,
*P1363.3(TM)/D1, Draft Standard For Identity-Based Public Cryptography Using Pairings*, 2008. - Q. Tang, “Type-based proxy re-encryption and its construction,” in
*Progress in Cryptology—INDOCRYPT*, vol. 5365 of*Lecture Notes in Computer Science*, pp. 130–144, 2008. View at Publisher · View at Google Scholar · View at Zentralblatt MATH · View at MathSciNet - J. Weng, Y. Yang, Q. Tang, R. Deng, and F. Bao, “Efficient conditional proxy re-encryption with chosen ciphertext security,” in
*Information Security*, P. Samarati, M. Yung, F. Martinelli, and C. A. Ardagna, Eds., vol. 5735 of*Lecture Notes in Computer Science*, pp. 151–166, 2009. View at Publisher · View at Google Scholar - J. Weng, R. H. Deng, X. Ding, C.-K. Chu, and J. Lai, “Conditional proxy re-encryption secure against chosen-ciphertext attack,” in
*Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (ASIACCS '09)*, pp. 322–332, March 2009. View at Publisher · View at Google Scholar · View at Scopus - L. Ibraimi, Q. Tang, P. Hartel, and W. Jonker, “A type-and-identity-based proxy re-encryption scheme and its application in healthcare,”
*Secure Data Management*, vol. 5159, pp. 185–198, 2008. View at Publisher · View at Google Scholar · View at Scopus - X. A. Wang, X. Yang, and Y. Han, “New identity based encryption and its proxy re-encryption,”
*Biomedical Engineering and Computer Science*, vol. 1, no. 4, pp. 23–25, 2010. View at Google Scholar - S. Luo, Q. Shen, and Z. Chen, “Fully secure unidirectional identity-based proxy re-encryption,” in
*Proceedings of the 14th International Conference on Information Security and Cryptology*, 2011. - A. Paul, J. C. Jiang, J. F. Wang, and J. F. Yang, “Parallel reconfigurable computing-based mapping algorithm for motion estimation in advanced video coding,”
*ACM Transaction on Embedded Computing Systems*, vol. 11, no. S2, article 40, 2012. View at Google Scholar - A. Paul, “Dynamic power management for ubiquitous network devices,”
*Advanced Science Letters*, vol. 19, no. 7, pp. 2046–2049, 2013. View at Google Scholar - A. Paul, “Graph based M2M Optimization in an IoT environment,” in
*Proceedings of the Research in Adaptive and Convergent Systems (ACM RACS '13)*, pp. 45–46, October 2013. - D. G. Lee, J. Kim, J. Sung, Y. S. Lee, and S. Rho, “Cryptanalysis of block-wise stream ciphers suitable for the protection of multimedia and ubiquitous systems,”
*Telecommunication Systems*, vol. 44, no. 3-4, pp. 297–306, 2010. View at Publisher · View at Google Scholar · View at Scopus - S. Rho and S.-S. Yeo, “Bridging the semantic gap in multimedia emotion/mood recognition for ubiquitous computing environment,”
*Journal of Supercomputing*, vol. 56, no. 1, pp. 274–286, 2013. View at Publisher · View at Google Scholar · View at Scopus