Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Conditional cryptographic delegation for P2P data sharing

View publication


A cryptographic approach that enables a peer to transfer the right to access the encrypted data provided predetermined conditions are satisfied is presented in this paper. Our approach involves a third trusted service, called “delegation check (DC) servers” to check single or multiple conditions according to the rules. A peer (delegator) delegates the right to decrypt the ciphertext to other peers (proxies) under certain conditions. The proxy can decrypt the ciphertext only after it passes the verification check of the DC server. Our system has the following properties: (1) A sender does not need to know whether or not the delegation occurs. (2) DC servers are involved only when the proxy decrypts the ciphertext. (3) Neither the DC server nor a proxy can know the private decryption key of the delegator unless both of them collude with each other. Two types of techniques, a basic scheme and an extended scheme, are presented. The basic scheme is relatively efficient, while the security is maintained under the assumption that the DC server does not deviate from the protocol. In order to tolerate the deviation of the DC server, the extended scheme allows the delegator to direct the proxy to use a group of servers when decrypting the ciphertext. A notable feature in our scheme is that the delegator can independently choose which of the two without any interaction with the DC servers or the proxy. Moreover, the choice of the scheme does not require any modification of the operations that the server performs. © Springer-Verlag Berlin Heidelberg 2002.