The first aspect is to extend the proxy re-encryption notion to the identity-based public key cryptographic setting.
This allows fine-grained proxy re-encryption and can be useful for applications such as secure sharing over encrypted cloud data storage.
The unique string, for example, can be an email address, a phone number, and a staff ID (if used only internally within an organization).
Bob can then download D1, D2, …, Dn, decrypt them, and recover the messages M1, M2, … Mn using his private key.
One of the main advantages of using identity-based cryptographic algorithms is the elimination of public key certificates, which can help enhance the usability of the target security applications.
The term ‘Conditional’ in IBCPRE refers to an additional feature, which allows each encrypted message to have a ‘tag’ associated with.
In other words, picking the friends to share with by them can be done after they encrypt the messages and uploads them to the server.
Alice then uploads the corresponding encrypted messages C1, C2, …, Ct, Ct+1, …, Cm, Cm+1, …, Cn to a server.
This generation is done by taking as input Alice’s private key and Bob’s identity.
IBCPRE has been used for secure cloud data sharing and related key management solutions in products of AtCipher Limited.
A related concept to proxy re-encryption called decrypt right delegation was introduced by Mambo and Okamoto[3] in 1997.
[5][6][7][8][9][10][11][12] In 2007, Green and Ateniese[13] and Ivan and Dodis[9] independently proposed several proxy re-encryption schemes in the identity-based cryptographic setting.
CPA-secure IBPRE schemes secure without random oracles were subsequently proposed by Matsuo[14] and Mizuno and Doi.