PICADOR: End-to-end encrypted Publish–Subscribe information distribution with proxy re-encryption
Document Type
Article
Publication Date
6-1-2017
Abstract
This article presents PICADOR, a system for end-to-end encrypted Publish–Subscribe information distribution with proxy re-encryption. PICADOR is designed for topic-based Pub/Sub systems and provides end-to-end payload confidentiality. The main novelty of PICADOR is that it provides an information distribution service with end-to-end encryption where publishers and subscribers do not need to establish shared encryption and decryption keys. Multiple publishers post encrypted information to a Pub/Sub broker which uses Proxy Re-Encryption (PRE) to convert this information into a representation that can only be decrypted by approved subscribers. The broker is unable to decrypt the information. To support PICADOR, we design and implement a novel PRE scheme that leverages a general lattice encryption software library. We prototype our system using a scalable Java-based information substrate that supports topic-based Pub/Sub operations. We experimentally evaluate performance and scalability tradeoffs in the context of enterprise and mobile applications. We discuss design tradeoffs and application-specific customizations.
Identifier
85005917675 (Scopus)
Publication Title
Future Generation Computer Systems
External Full Text Location
https://doi.org/10.1016/j.future.2016.10.013
ISSN
0167-739X
First Page
177
Last Page
191
Volume
71
Grant
CNS 1409523
Fund Ref
National Science Foundation
Recommended Citation
Borcea, Cristian; Gupta, Arnab “Bobby” Deb; Polyakov, Yuriy; Rohloff, Kurt; and Ryan, Gerard, "PICADOR: End-to-end encrypted Publish–Subscribe information distribution with proxy re-encryption" (2017). Faculty Publications. 9552.
https://digitalcommons.njit.edu/fac_pubs/9552