Recently Liang et al. propose an interesting privacy-preserving ciphertext multi-sharing control for big data storage mechanism, which is based on the
cryptographic primitive of anonymous multi-hop identity based conditional proxy
re-encryption scheme AMH-IBCPRE. They propose a concrete AMH-IBCPRE
scheme and conclude their scheme can achieve IND-sCon-sID-CCA secure (indistinguishable secure under selectively conditional selectively identity chosen ciphertext attack). However, our research show their scheme can not be IND-sConsID-CCA secure for single-hop and multi-hop data sharing. Also in 2014, Liang et
al. propose an interesting deterministic finite automata-based functional proxy reencryption scheme DFA-based FPRE for secure public cloud data sharing, they
also conclude their scheme can achieve IND-CCA secure (indistinguishable secure
under chosen ciphertext attack), we also show their scheme can not be IND-CCA secure either. For these two proposals, the main reason of insecurity is that part of the
re-encryption key has the same structure as the valid ciphertext, thus the adversary
can query on the decryption oracle with this part of the re-encryption key to get secret keys, which will break the CCA-security of their scheme. We give an improved
AMH-IBCPRE scheme and an improved DFA-based FPRE scheme for cloud data
sharing and show the new schemes can resist our attack and be CCA-secure. We also
demonstrate our improved AMH-IBCPRE scheme’s efficiency compared with other
related identity based proxy re-encryption schemes, the results show our scheme is
almost the most efficient one