Processing math: 100%
Review

G protein-coupled receptors: the evolution of structural insight

  • G protein-coupled receptors (GPCR) comprise a diverse superfamily of over 800 proteins that have gained relevance as biological targets for pharmaceutical drug design. Although these receptors have been investigated for decades, three-dimensional structures of GPCR have only recently become available. In this review, we focus on the technological advancements that have facilitated efforts to gain insights into GPCR structure. Progress in these efforts began with the initial crystal structure determination of rhodopsin (PDB: 1F88) in 2000 and has continued to the most recently published structure of the A1AR (PDB: 5UEN) in 2017. Numerous experimental developments over the past two decades have opened the door for widespread GPCR structural characterization. These efforts have resulted in the determination of three-dimensional structures for over 40 individual GPCR family members. Herein we present a comprehensive list and comparative analysis of over 180 individual GPCR structures. This includes a summary of different GPCR functional states crystallized with agonists, dual agonists, partial agonists, inverse agonists, antagonists, and allosteric modulators.

    Citation: Samantha B. Gacasan, Daniel L. Baker, Abby L. Parrill. G protein-coupled receptors: the evolution of structural insight[J]. AIMS Biophysics, 2017, 4(3): 491-527. doi: 10.3934/biophy.2017.3.491

    Related Papers:

    [1] Jinhu Xu, Yicang Zhou . Bifurcation analysis of HIV-1 infection model with cell-to-cell transmission and immune response delay. Mathematical Biosciences and Engineering, 2016, 13(2): 343-367. doi: 10.3934/mbe.2015006
    [2] Yu Yang, Gang Huang, Yueping Dong . Stability and Hopf bifurcation of an HIV infection model with two time delays. Mathematical Biosciences and Engineering, 2023, 20(2): 1938-1959. doi: 10.3934/mbe.2023089
    [3] Shunyi Li . Hopf bifurcation, stability switches and chaos in a prey-predator system with three stage structure and two time delays. Mathematical Biosciences and Engineering, 2019, 16(6): 6934-6961. doi: 10.3934/mbe.2019348
    [4] Dan Liu, Shigui Ruan, Deming Zhu . Stable periodic oscillations in a two-stage cancer model of tumor and immune system interactions. Mathematical Biosciences and Engineering, 2012, 9(2): 347-368. doi: 10.3934/mbe.2012.9.347
    [5] Jiawei Deng, Ping Jiang, Hongying Shu . Viral infection dynamics with mitosis, intracellular delays and immune response. Mathematical Biosciences and Engineering, 2023, 20(2): 2937-2963. doi: 10.3934/mbe.2023139
    [6] Kaushik Dehingia, Anusmita Das, Evren Hincal, Kamyar Hosseini, Sayed M. El Din . Within-host delay differential model for SARS-CoV-2 kinetics with saturated antiviral responses. Mathematical Biosciences and Engineering, 2023, 20(11): 20025-20049. doi: 10.3934/mbe.2023887
    [7] Yan Wang, Minmin Lu, Daqing Jiang . Viral dynamics of a latent HIV infection model with Beddington-DeAngelis incidence function, B-cell immune response and multiple delays. Mathematical Biosciences and Engineering, 2021, 18(1): 274-299. doi: 10.3934/mbe.2021014
    [8] Wanxiao Xu, Ping Jiang, Hongying Shu, Shanshan Tong . Modeling the fear effect in the predator-prey dynamics with an age structure in the predators. Mathematical Biosciences and Engineering, 2023, 20(7): 12625-12648. doi: 10.3934/mbe.2023562
    [9] Huan Kong, Guohong Zhang, Kaifa Wang . Stability and Hopf bifurcation in a virus model with self-proliferation and delayed activation of immune cells. Mathematical Biosciences and Engineering, 2020, 17(5): 4384-4405. doi: 10.3934/mbe.2020242
    [10] Juan Wang, Chunyang Qin, Yuming Chen, Xia Wang . Hopf bifurcation in a CTL-inclusive HIV-1 infection model with two time delays. Mathematical Biosciences and Engineering, 2019, 16(4): 2587-2612. doi: 10.3934/mbe.2019130
  • G protein-coupled receptors (GPCR) comprise a diverse superfamily of over 800 proteins that have gained relevance as biological targets for pharmaceutical drug design. Although these receptors have been investigated for decades, three-dimensional structures of GPCR have only recently become available. In this review, we focus on the technological advancements that have facilitated efforts to gain insights into GPCR structure. Progress in these efforts began with the initial crystal structure determination of rhodopsin (PDB: 1F88) in 2000 and has continued to the most recently published structure of the A1AR (PDB: 5UEN) in 2017. Numerous experimental developments over the past two decades have opened the door for widespread GPCR structural characterization. These efforts have resulted in the determination of three-dimensional structures for over 40 individual GPCR family members. Herein we present a comprehensive list and comparative analysis of over 180 individual GPCR structures. This includes a summary of different GPCR functional states crystallized with agonists, dual agonists, partial agonists, inverse agonists, antagonists, and allosteric modulators.


    With the development of the internet of things [1], artificial intelligence [2] and cloud computing [3], more and more people use cloud storage servers to store large amounts of data. But these servers are untrustworthy, and information security has higher requirements in the new environment. Therefore, scholars have proposed an encryption and decryption system based on attribute: attribute-based encryption (ABE). It uses the access structure associated with the user attribute to decrypt the ciphertext if and only if the user's own attributes satisfy the access policy. Subsequently, more flexible key policy attribute-based encryption (KP-ABE) and CP-ABE schemes were proposed. Considering the actual application scenarios, our scheme is based on CP-ABE.

    In many systems that use CP-ABE, it is required to be able to flexibly add or delete user rights. According to the basic characteristics of ABE, such an application scenario can be implemented by adding and revoking attributes of users. Since attribute revocation is more complicated than attribute addition and is more difficult to implement, the research focus is more on revocation. According to the method of revocation, the granularity of revocation will be different, and the efficiency of revocation will also be different. The scheme [4] only implements user revocation, and its application scenarios are bound to be limited. Some schemes have not updated the ciphertext after the revocation, such as [5], that is, the revocable storage isn't implemented. At this time, the system has a forward security problem. In the scheme of implementing revocable storage, there is a problem that the computational complexity becomes larger as the complexity of the scheme becomes larger. For example, in scheme [6], the operation complexity of decryption will increase linearly with the attribute or revocation events, and the operation cost in the later stage of the scheme is huge. After using outsourcing decryption technology to solve complex operations and make up for the lack of time, there is still a spatial problem. The ciphertext length in most schemes increases linearly with the complexity of the access policy, resulting in a huge communication cost in data sharing. In particular, the partial revocation method also causes the ciphertext length to increase linearly with the number of revocation events. What is more serious is that the partial access structure is not flexible enough, which causes the scheme to lose the basic characteristics of ABE-flexibility.

    It can be seen that constructing an outsourcing decryption CP-ABE scheme with fine-grained revocable storage, flexible access structure and constant ciphertext length has fatal research significance.

    Through the efforts of scholars, there have been a lot of achievements in the field of cryptography [7,8,9,10,11,12,13,14,15]. After the development of identity-based cryptography for a period, attribute-based cryptography was proposed based on the fuzzy identity-based encryption technology [16]. It uses the attribute sets to represent the users' identities. The encryptor only needs to specify some attributes of the decryptor and does not need to specify its specific identity, so the attribute-based encryption is suitable for scenarios where the decryption party is not fixed. In 2006, Goyal et al. [17] proposed key policy attribute-based encryption (KP-ABE). Its main idea is to add an access structure constructed from user attribute sets to the user's private key, if and only if the access structure in the private key is satisfied by the attribute set in the ciphertext, the ciphertext can be decrypted. In 2007, the ciphertext policy attribute-based encryption scheme corresponding to the KP-ABE scheme was proposed by Bethencourt et al. [18]. The user's attribute set is stored in the user's private key, and all users' attribute sets in the system are stored in the ciphertext together with the access structure constructed by the access rules. Decryption can only be performed when the user attribute satisfies the access structure in the ciphertext.

    In recent years, there have been a lot of researches on ABE, such as ABE with AND-gates structure, revocation ABE, ABE with fixed length ciphertext and outsourcing decryption ABE, etc.

    In the study of the AND-gates, Cheung and Newport [19] proposed a CP-ABE scheme that supports AND-gates on positive and negative attributes with wildcards (AND+,), and proved its security under the standard model. Emura et al. [20] proposed the first ciphertext length constant CP-ABE scheme. However, the scheme only supports AND gates on positive and negative attributes (AND+,), including the scheme of AND-gates on multi-valued attributes (ANDm) structure proposed later, which has serious drawbacks, that is, a user can decrypt the ciphertext if and only if the attributes in his private key are exactly the same as those contained in the ciphertext access structure, this has lost the basic principle of attribute-based encryption: one-to-many. Later, Nishide et al. [21] proposed ANDm structure scheme, which greatly improved the flexibility of access. On this basis, Zhang et al. [6] realized the fixed ciphertext length and reduced the storage cost. Constant-size ciphertext is also one of the key directions of ABE research. In recent years, there have been many achievements such as [22,23,24,25,26].

    In addition to the study of access structures, the attribute revocation mechanism is also critical in ABE. In recent years, scholars at home and abroad have proposed a series of attribute revocation schemes, which are divided into indirect revocation and direct revocation. Indirect revocation requires the authority to periodically update the key, while direct revocation puts the revocation information into the ciphertext at the time of encryption. The indirect revocation of attributes scheme was first proposed by Pirretti et al. [27], which sets an expiration date for each attribute, and the authority periodically updates the key, but it cannot suspend the validity period of the key at any time. In response to its related issues, Bethencourt et al. [18] proposed the idea of ​​setting the attribute suspension date, but the solution authority still has a large workload. Later, Attrapadung et al. [28] divided the revocation mechanism into two types: direct revocation and indirect revocation. Then they proposed a hybrid revocation scheme. The encryption party chooses either of the two mechanisms for encryption, the user can use keys to decrypt ciphertexts of any types. Most of the direct revocation schemes use broadcast encryption technology such as [29,30,31]. In order to reduce the workload of the authorized organization, Yu et al. [5] use the version number to mark the key and ciphertext, and introduce the proxy server to combine the proxy re-encryption technology with CP-ABE, which greatly reduced the workload of the authorized organization and achieved attribute revocation under a smaller overhead. To solve the forward security problem, Sahai et al. [32] proposed the concept of revocable storage, that is, ciphertext update must be performed when the revocation occurs. The direct revocation scheme proposed by Zhang et al. [6] introduces the revocation auxiliary judgment function applicable to the multi-attribute environment to determine whether the ciphertext needs to be updated when the attribute revocation event occurs. Zhao et al. [4] use the Chinese remainder theorem to construct a direct revocation scheme with constant length of ciphertext and key. After the revocation, the purpose of revocation can be achieved by only updating the ciphertext.

    Another drawback in ABE is that decryption operations are very expensive, so they are not suitable for resource-constrained devices. In order to improve the efficiency of the scheme, Green et al. [33] proposed a solution for outsourcing the computationally expensive decryption operation to the cloud server. The main solution is the user uses the proxy re-encryption method to obtain the conversion key, sends it and ciphertext to the third-party server. The server performs the decryption operation to obtain a simpler form ciphertext, and the user can recover the plaintext with only a small computational overhead. After that, scholars tried to use outsourcing algorithm at different stages of ABE, such as generating private key phase [34,35], encryption phase [36] and decryption phase [37,38]. However, a malicious third-party server may tamper the original ciphertext, and the user will not be aware of it. The security of most outsourcing solutions can only ensure that malicious cloud servers can't understand any information about encrypted messages, but it does not guarantee the correctness of their conversion operations. In order to solve this problem, Lai et al. [39] proposed a verifiable outsourcing decryption CP-ABE scheme to ensure the correctness of the conversion operation. Li et al. [34] also proposed an outsourcing decryption ABE scheme that effectively solves the verifiability.

    This paper mainly studies efficient revocation schemes. In the existing revocation schemes, there are some defects in revocation granularity, storage consumption, etc., as shown in Table 1. [5] does not implement revocable storage and the access structure is only AND+,, so its permissions are less flexible and users can illegally access the ciphertext which is encrypted before revocation. [6] contains a complex revocation algorithm and a decryption algorithm. For different types of ciphertexts, users divide them into 4 cases for revocation and decryption, which brings huge computational overhead to users. In scheme [32], revocation only reaches the user level, which cannot handle the requirement of flexible permission change. In summary, in the context of cloud storage, it is necessary to study more efficient and multi-functional revocation schemes.

    Table 1.  Property comparison of different revocation schemes.
    Scheme Revocable Storage Revocation Granularity Verifiable Outsourcing Decryption Constant Ciphertext Length Access Policy Ciphertext* Type
    [5] × Attribute Revocation × × AND+, 1
    [6] Attribute Revocation × ANDm 4
    [32] User Revocation × × Tree 1
    *This item represents the number of ciphertext types that is generated by the scheme, which means that there are corresponding number of decryption algorithms and revocation algorithms.

     | Show Table
    DownLoad: CSV

    In this paper, based on the study of revocable storage, ciphertext size and decryption efficiency, we propose a constant ciphertext length CP-ABE scheme with revocable storage and verifiable outsourcing decryption (RVOC-CP-ABE).

    For the revocable storage problem, we improve the version numbering method which is based on proxy re-encryption to adapt to the characteristics of fixed-length ciphertext, and realize fine-grained attribute revocation and ciphertext update. If the user is the revocation target, cannot access the corresponding files, especially the encrypted files before revocation. In order to improve the decryption efficiency, we propose an outsourcing decryption mechanism, which can reduce the user's local computation and provide verification function to ensure decryption accuracy. Then, we combined the above two mechanisms to construct RVOC-CP-ABE scheme on the basis of ANDm access structure which is more flexible than traditional And-gate. Our scheme ensures that the attribute permissions are correctly revoked while reducing the decryption complexity and storage complexity to a constant level. We further describe the cloud server architecture and data flow of the scheme, providing a complete and efficient solution for cloud storage security.

    Finally, under the DBDH assumption, we prove RVOC-CP-ABE scheme can resist chosen plaintext attacks (CPA), and the performance comparison with similar schemes shows that the scheme is efficient and feasible.

    The structure of this paper is as follows: Chapter 2 introduces the relevant theoretical knowledge used in this scheme; Chapter 3 will introduce the access structure used in this scheme, then introduce the design and security model of the scheme, and finally detail the implementation of the scheme. The fourth chapter will carry out security proof. The fifth chapter analyzes the performance of the scheme and compares it with similar schemes. Finally, the sixth chapter draws the conclusions of this program.

    Assuming two multiplicative cyclic groups G and Gt, They have the same prime number p. Then let g be a generator element of cyclic group G. e is an effective bilinear mapping from G to Gt: G × G Gt. e satisfies the following three properties:

    1. Bilinearity: a,b Zp, e(ga,gb)=e(g,g)ab.

    2. Non-Degeneracy: u,v G, e(u,v) 1.

    3. Computability: u,v G, e(u,v) can be calculated effectively.

    Let a,b,c,θRZp. There isn't a polynomial-time algorithm probabilistic has non-negligible advantage to distinguish the DBDH-tuple [g,ga,gb,gc,gabc] from the random five-tuple [g,ga,gb,gc,gθ].

    In this chapter, we will detail RVOC-CP-ABE. The scheme uses ANDm access structure to implement a fixed ciphertext length CP-ABE, which implements efficient revocable storage using version numbering method and proxy re-encryption, while outsourcing complex decryption calculations to a third-party server and verifying the decryption results. This chapter mainly has the following parts:

    1. Introduce ANDm access structure.

    2. Show the basic design of this program.

    3. Introduce the security model of this scheme.

    4. Describe the specific implementation of this program.

    As mentioned earlier, the AND+, and ANDm access strategies are too restrictive and should not be used. Compared with ANDm and AND+,, the same access strategy using ANDm expression is much simpler than using AND+, expression.

    Now assume there is an attribute set as shown in the table 2, using AND+, to indicate the access policy:

    AP=w1w2w+3w4w5w6w+7
    Table 2.  Access structure.
    Attribute w1 w2 w3
    Attribute Name School Duty Gender
    Attribute Value Univ.A Teacher Female
    Univ.B Student Male
    Univ.C
    Access Policy Univ.C * Male

     | Show Table
    DownLoad: CSV

    The w+ represents the attribute in the access policy, the w represents the access policy not have the attribute, and the wildcard w represents no effect on the attribute. Using ANDm to indicate the access policy:

    AP=w1,3w3,2

    Each of these is the value of the corresponding attribute, and the wildcard means that the attribute has no effect. Through the above comparison, it is obvious that the access strategy ANDm is simple and clear, so this paper adopts this structure.

    Given a list of attributes L and an access policy W, L|=W means that L matches W, and L|W means that the two do not match. Given a list of attributes L=[L1,L2,...,Ln] and access policy W=[W1,W2,...,Wn]=iIWWi. For 1in, if Li=Wi or Wi=, then L|=W, otherwise LW. Where IW={i|1in,Wi} is a subscript index set, which clarifies the attributes of non-wildcards that appear in W. In the calculation, only the values corresponding to these subscripts are taken for calculation (IL also take these indices to calculate). And does not appear in W the attribute is represented as a wildcard , and whether the user has the corresponding attribute does not affect its decryption ability.

    This scheme implements revocable storage and outsourcing decryption, so compared to the general CP-ABE, it will use two more servers: the revocation server and the outsourcing decryption server. The revocation server also completes the function of proxy re-encryption and updates the ciphertext after the revocation occurs. In this scheme, the users whose key needs to be updated does not need to send the decryption key information in the key to the revocation server, and only needs to exchange the irrelevant part, then they can decrypt the new ciphertext correctly, which is safer than the scheme [5]. Our scheme uses the version number to mark the ciphertext and key to complete the revocation. Therefore, the version number of each part should be consistent with the system version number. If it is inconsistent, the key or ciphertext should obtain the revocation related information from the revocation server to update the version to the latest. RVOC-CP-ABE requires the following six participants: data encryptor (DE), data decryptor (DD), authority center (AC), data storage server (DSS), revocation server (RS), and outsourcing decryption server (ODS).

    Data Encryptor (DE): The data encryptor is the user who owns the original plaintext. Considering the advantages of mixed encryption, it encrypts the plaintext with a symmetric key. Then it requests AC to obtain the system public key, and encrypts the symmetric key using the public key and the access policy, and then stores the ciphertexts to DSS.

    Data Decryptor (DD): The data decryptor is the user who accesses the system to obtain the plaintext. The user obtains the private key corresponding to the attribute from AC, and then converts the private key, sends the conversion key and the ciphertext to ODS, and the returned converted ciphertext is further decrypted to obtain the symmetric key, finally, the symmetric decryption is performed to obtain the plaintext. If the user finds that the private key version is inconsistent with the system version, the user should obtain the latest version of the revocation key from the RS, which is independent of the decryption key information in the private key.

    Authority Center (AC): The Authority center is a fully trusted server that initializes the scheme system to generate the system's public key and master secret key. Provide user registration function and generate a decryption private key for DD by the master secret key and user attributes.

    Data Storage Server (DSS): The data storage server is used to store the ciphertext encrypted by DE. Because it is a cloud server, it can easily expand its storage capacity and it is also an untrusted third-party server. All information should be encrypted when stored in it. When the version number of the ciphertext which is accessed is inconsistent with the system version number, DSS is responsible for passing the old version of the ciphertext to RS for re-encryption to complete the ciphertext update after the revocation is completed.

    Revocation Server (RS): The revocation server mainly stores the relevant information of the revocation: the re-encryption parameter table and the attribute revocation table. When the system revokes some users' attributes, RS is responsible for generating a new version of the revocation parameters and promoting the system version. After the storage server sends the low version ciphertext to RS, the server uses the re-encryption parameter table to re-encrypt the old version ciphertext, thereby implementing the ciphertext update and completing the revocable storage. When the user sends the low version revocation key to RS, the server uses the re-encryption parameter table and the attribute revocation table to calculate a new revocation key and return. In this scheme, if there are multiple revocation versions, ciphertexts and revocation keys of them can be updated in one time, which greatly reduces the resource overhead of re-encryption.

    Outsourcing Decryption Server (ODS): Due to the complex ABE decryption calculation, this scheme puts the most complicated part of the decryption process into the outsourcing decryption server. Because the user passes the blinded conversion key to the three-party server during decryption, it overcomes the untrustworthy problem of outsourcing decryption. After the complicated bilinear calculation, ODS only obtains the intermediate ciphertext.

    The program also adds decryption verification to ensure that revocation and outsourcing are performed correctly. The framework of RVOC-CP-ABE scheme is shown as Figure 1. The Authority Center initializes the system to generate the public key (PK) and master secret key (MSK). The data encryptor first performs symmetric encryption, then obtains the PK from AC, generates the ciphertext in combination with ANDm access policy and the symmetric key, and stores the ciphertexts in the data storage server. The data decryptor obtains the private key (SK) corresponding to the own attributes from the AC, blinds it into a conversion key, and sends the conversion key and ciphertext to the outsourcing decryption server. The server performs complex operations of decryption to obtain the converted ciphertext and return it to DD. The decryptor first performs preliminary verification on the converted ciphertext, then performs a simple operation to obtain the symmetric key, and verifies the symmetric key. If the verification passes, symmetric decryption is performed to obtain plaintext. If the SK or ciphertext is inconsistent with the system version during the decryption process, the corresponding update is performed by RS.

    Figure 1.  Framework of RVOC-CP-ABE.

    According to the above process, the RVOC-CP-ABE algorithm is mainly divided into eight parts, namely: initialization algorithm Setup, key generation algorithm KeyGen, encryption algorithm Enc, pre-decryption algorithm DecPre, decryption algorithm Dec, re-encryption parameter algorithm ReParam, re-encryption ciphertext algorithm ReEnc, re-encryption key algorithm ReKey. The latter three mainly occurred after the revocation event.

    1. Setup(1λ)(ver,PK,MSK): AC runs the system initialization algorithm, taking the security parameter λ as input, and outputs the system's PK and MSK. The authority center will publicize the PK and save the MSK safely.

    2. KeyGen(PK,MSK,L)(SK): The key generation algorithm is also run by AC. DD submits its attribute list L to AC. The server uses PK, MSK and L to generate the corresponding user private key SK.

    3. Enc(PK,M,W)(CT,E(M)): The encryption algorithm is run by DE. The algorithm first uses the symmetric key ck to encrypt the plaintext M to generate the symmetric ciphertext E(M), then inputs the system's PK, the symmetric key ck, and the access policy W, outputs the corresponding ciphertext CT, then saves the CT and E(M) to DSS.

    4. Dec-Pre(CT,PK,SK)(CT): The pre-decryption algorithm is mainly to perform outsourcing decryption operations. DD obtains the CT, and then uses the blind parameter z to blindly encrypt the own key SK to obtain the conversion key TK, then sends (CT,TK) to ODS for outsourcing decryption, and returns the intermediate ciphertext CT.

    5. Dec(CT,z,E(M))(M): After DD obtains the intermediate ciphertext, it uses CT and the blind parameter z to obtain the symmetric key ck, then verifies the decryption result. If the decryption succeeds, the symmetric decryption is continued to obtain the plaintext M.

    6. ReParam(μ,IDs): After the attribute revocation occurs in the system, RS obtains the attribute set μ that needs to be updated and its corresponding revocation user set IDs to perform system version upgrade, and generates a new version of the re-encryption parameter and the attribute revocation information.

    7. ReEnc(CT)(¯CT): DSS can check the ciphertext version when a DD accesses the ciphertext. If the version is not up-to-date, the ciphertext CT is sent to RS for ciphertext re-encryption to obtain the latest version of the ciphertext ¯CT.

    8. ReKey(SK)(¯SK): After obtaining the ciphertext CT, DD finds the version of its private key SK is inconsistent with CT's version, then DD sends its old version revocation key (a part of SK) to RS. RS checks whether it has the revocation attribute according to the user ID, and only updates the parameters corresponding to the unrevoked attributes of the user. After the user gets the new version revocation key, update SK to ¯SK.

    This scheme mainly needs the following aspects of security: ciphertext security, outsourcing decryption computing security, and security of revocation algorithm. The CP-ABE encryption system guarantees the security of ciphertext storage, and unauthorized users cannot successfully decrypt and obtain ciphertext. When the scheme performs the outsourcing decryption algorithm, the user needs to blind the key before sending it to the third-party server, so the security can be converted into the security of the scheme algorithm. On the other hand, the revocable storage of this scheme is implemented by the revocation server, it mainly generates new re-encryption parameters for different versions. Although the server directly updates the ciphertext, it only updates revocation key of the user's private key, does not involve the key part of decryption in the private key, so its security can also be transferred to the security of the scheme.

    For the above security issues, this paper considers the indistinguishability under chosen plaintext attack (IND-CPA), which is simulated by a security game containing adversary A and challenger C. The process is as follows:

    1. Initialization: Adversary A will select the access structure W and a version number ver used in the game and send them to challenger C.

    2. Setup: C runs the Setup algorithm in this scheme to initialize the system, create the system's public key PK and master secret key MSK, and run ReParam algorithm to upgrade the system version from 1 to ver. Finally, PK is sent to A.

    3. Phase 1: A can randomly select the attribute set S={S1,S2,...,Sn} from the all attributes set, S is limited to not satisfy W. A sends S to C query for private key. C calculates the private key SK corresponding to ver = 1 by running the calculation, and then returns SK to the adversary. A runs ReKey algorithm and raises the private key version to the ver version.

    4. Challenge: A selects two challenged plaintexts M0,M1 and sends them to C. C randomly selects a number b from {0, 1} then uses Mb as plaintext, inputs Mb, PK and W to the encryption algorithm to calculate the corresponding ciphertext CTb. After completing the above operation, C runs ReEnc algorithm updates CTb to ¯CTb which version is ver, then returns the ciphertext ¯CTb to A.

    5. Phase 2: A repeats the same query as Phase 1.

    6. Guess: A guesses b that b belongs to {0, 1}. If b=b then A wins this safe game. The probability of A winning a safe game in this game is defined as follows:

    AdvA=|Pr[b=b]12|

    If polynomial time adversary A has no probability to break the security game with a non-negligible advantage, then the adversary has no advantage, and it can be theoretically shown that RVOC-CP-ABE is safe.

    This section will give a concrete implementation of the revocation algorithm, the outsourcing decryption algorithm, and the basic CP-ABE scheme.

    Let G and Gt be two multiplicative cyclic groups with the order is a large prime p, g is a generator of G, and map e:G×GGt is a bilinear map. Suppose that the attribute domain of the system has a total of n attributes, and its attribute set is recorded as U={u1,u2,...,un}, each attribute has multiple values, and the i-th attribute ui has ni values. The corresponding set of values is denoted as Vi={vi,1,vi,2,...,vi,ni}. H:GtZp is a collision-resistant hash function.

    1. Setup(1λ)(ver,PK,MSK): The authority center runs the Setup algorithm to initialize the system. Select u,v,dG,xi,j,yi,jRZp(i[1,n],j[1,ni]). Then initialize the system version initial value ver = 1, generate the public key and the master secret key of system as follows:

    Xi,j=gxi,j,Yi,j=e(g,g)yi,j(1in,1jni) (3.1)
    PK=(g,u,v,d,{Xi,j,Yi,j}1in,1jni) (3.2)
    MSK=({xi,j,yi,j}1in,1jni) (3.3)

    2. KeyGen(PK,MSK,L)(SK): The user with the attribute list L=[L1,L2,...,Ln] applies for the attribute private key from the authority center. Let Li=vi,j, the authority center first selects a random number rRZp, the revocation key is ¯RK(1)i=1,1in, ¯RK(k)i represents i-th attribute Li corresponding to the k version of the revocation key, then calculates as follows:

    Ki=gyi,j+rxi,j(1in),K=gr,ver=1 (3.4)

    So the user private key SK is:

    SK=(ver,L,K,{Ki}1in,¯RK(ver)i1in) (3.5)

    3. Enc(PK,M,W)(CT,E(M)): First, the symmetric key ck is selected to symmetrically encrypt the plaintext M to generate the ciphertext E(M), then input public key PK, symmetric key ck and access policy W. Let ver=1,W=IWWi,Wi=vi,j, then the data encryptor selects a random number sRZp, calculates as follows:

    XW=iIWXi,j,YW=iIWYi,j (3.6)
    C0=ckYsW,C1=gs,C2=XsW (3.7)

    Due to the need of verification function, the encryptor continues to select sRZp,~ck, then calculates:

    C0=~ckYsW,C1=gs,C2=XsW,ˆC=uH(ck)vH(~ck)d (3.8)

    Therefore, the output ciphertext is CT=(ver,W,ˆC,C0,C1,C2,C0,C1,C2).

    4. Dec-Pre(CT,PK,SK)(CT): First, the user obtains the ciphertext CT from the data storage server. The data storage center detects whether the ver in the ciphertext is consistent with the system version number. If the inconsistency occurs, the server executes the ReEnc algorithm to obtain the new version of the ciphertext. After obtaining the ciphertext, the user checks whether the ver of SK is consistent with the ver in the obtained CT. If not, the ReKey algorithm is executed to obtain a new revocation key. If they are consistent, the user generates a conversion key for outsourcing computing, chooses an outsourcing parameter zRZp and save it, then calculates:

    K=K1z,Ki=K1zi(1in) (3.9)
    TK=(ver,L,K,{Ki}1in,¯RK(ver)i1in) (3.10)

    Then the user send (CT,TK) to outsourcing decryption server for outsourcing decryption operation. If the ver in the TK is inconsistent with the ver in the CT, the server directly suspends the operation and returns the decryption failure. Check user's attribute set L and the access policy W in ciphertext, If L|W, return decryption failed. Otherwise, the version number is the same and L=W, calculate ¯RK=iIL¯RK(ver)i. Assuming this is the decryption process of ver = 1, so ¯RK = 1, then doing the following calculation:

    T=e(C1,(iILKi)¯RK)e(C2,K)=e(g,g)siILyi,jz (3.11)
    T=e(C1,(iILKi)¯RK)e(C2,K)=e(g,g)siILyi,jz (3.12)

    The conversion ciphertext CT=(ˆT=ˆC,T0=C0,T0=C0,T,T,¯RK) is returned to the data decryptor.

    5. Dec(CT,z,E(M))(M): The user first checks whether part of the information in the converted ciphertext is consistent with the ciphertext: ˆT=ˆC,T0=C0,T0=C0, and if there is an inequality, the decryption is aborted. After verification, first assuming this is the decryption process of ver = 1, then ¯RK = 1, the decryption process is as follows:

    ck=(C0(T)z)1¯RK=cke(g,g)siIWyi,je(g,g)siILyi,j,~ck=(C0(T)z)1¯RK (3.13)

    Then verify: ˆT=uH(ck)vH(~ck)d. If the equation is true, then use ck to symmetric decrypt E(M) to get the message M, otherwise the decryption fails.

    6. ReParam(μ,IDs): Run this algorithm when the system has an attribute revocation. Input the attribute set μ that needs to be updated and the revocation user set IDs corresponding to each attribute. We use rk(k)i,j represent re-encryption parameter of attribute vi,j in the k-th version. In the new version ver+1, the re-encryption parameter rk(ver+1)i,j is selected for each attribute. If the revocation attribute is va,b, then rk(ver+1)a,bRZp,rk(ver+1)(i,j)(a,b)=1, that is, the non-revoked attribute re-encryption parameter is 1. The revocation server maintains two tables: the re-encryption parameter table and the attribute revocation table. Each time a revocation occurs, the system increments ver by 1. The re-encryption parameter table records the new version corresponding to the re-encryption parameters, as shown in the Table 3.

    Table 3.  Re-encryption parameter table.
    ver v1,1 v1,2 v2,1 vi,j vn,ni
    k rk(k)1,1 rk(k)1,2 rk(k)2,1 rk(k)i,j rk(k)n,ni
    2 rk(2)1,1 rk(2)1,2 rk(2)2,1 rk(2)i,j rk(2)n,ni
    1 1 1 1 1 1 1 1

     | Show Table
    DownLoad: CSV

    At the same time, save the user ID of each revocation attribute according to IDs, as shown in Table 4. According to the table, only the unrevoked attributes are re-encrypted when the relevant user performs key re-encryption.

    Table 4.  Attribute revocation table.
    attribute user ID
    vi,j ID1 ID2 ID5
    vi,j+1 ID2 ID3 ID4

     | Show Table
    DownLoad: CSV

    7. ReEnc(CT)(¯CT): The system after a revocation, does not need to update the ciphertext immediately. When a user accesses a ciphertext with an unupgraded version, the data storage server sends the ciphertext to the revocation server and updates the ciphertext multiple versions at a time. Assuming the old ciphertext differ with the latest version of the k version, first calculate based on the attributes contained in the access structure in the ciphertext:

    ¯RKW=iIWrk(ver+1)i,j×iIWrk(ver+2)i,j××iIWrk(ver+k)i,j (3.14)

    Then calculate:

    ¯C0=C¯RKW0,¯C2=C¯RKW2,¯C0=C¯RKW0,¯C2=C¯RKW2 (3.15)

    Return new ciphertext ¯CT=(ver+k,W,ˆC,¯C0,C1,¯C2,¯C0,C1,¯C2).

    8. ReKey(SK)(¯SK): When the user accesses the ciphertext and finds that the version number ver in SK is not equal to that in the ciphertext. Assuming there is a difference of k versions between the two, the user sends (ver,L,{¯RK(ver)i}1in) to the revocation server to obtain a new revocation key{¯RK(ver+k)i}. Here we can see that the revocation server gets only the insignificant private key information, not the core decryption parameters. The revocation server first determines whether there is an attribute of the user that is revoked according to the user's ID. If there is, the re-encryption parameter of the attribute is not included in the calculation, and IR is set to the attribute set that the user is revoked, and the following calculation is performed:

    ¯RK(ver+k)i=¯RK(ver)i×ver+kh=ver+1rk(h)i,j,iIL,iIR (3.16)

    The revocation ¯RK(ver+k)i of the user's revoked attribute remains the original value, finally return (ver+k,{¯RK(ver+k)i}1in). The user updates SK to ¯SK=(ver+k,L,K,{Ki}1in,¯RK(ver+k)i1in).

    To facilitate understanding, a specific revocation example is used to illustrate the process of the revocation algorithm and its correctness.

    Now assume that the first time the user is revoked attribute v1,2, the second time the user is revoked attribute v1,2,v2,3, the system version is from 1 to 3, and the ciphertext containing these two attributes is re-encrypted as follows:

    ¯RKW=iIWrk(2)i,j×iIWrk(3)i,j

    Other attributes are not revoked, rk(2)i,j(1,2)=1, rk(3)i,j(1,2),(2,3)=1, so ¯RKW=rk(2)(1,2)rk(3)(1,2)rk(3)(2,3), output new ciphertext ¯CT like the result of ReEnc algorithm.

    A user with the v1,2,v2,3 attributes and version number 1 accesses the above ciphertext, uses the Rey algorithm to calculate:

    ¯RK(3)1=¯RK(1)1×rk(2)1,2×rk(3)1,2,¯RK(3)2=¯RK(1)2×rk(2)2,3×rk(3)2,3

    Because of ¯RK(1)1=1,¯RK(1)2=1,rk(2)2,3=1,¯RK(3)i1,2=1, get the value of the revocation key ¯RK(3)1=rk(2)1,2×rk(3)1,2,¯RK(3)2=rk(3)2,3.

    Then the outsourcing decryption operation as follows:

    ¯RK=iIL¯RK(ver)i=rk(2)(1,2)rk(3)(1,2)rk(3)(2,3)
    T=e(C1,(iILKi)¯RK)e(¯C2,K)=e(gs,g¯RKziIL(yi,j+rxi,j))e(gs¯RKWiIWxi,j,grz)=e(g,g)s¯RKiILyi,jz
    T=e(C1,(iILKi)¯RK)e(¯C2,K)=e(g,g)s¯RKiILyi,jz

    Finally, the user local Calculation as follows:

    ck=(¯C0(T)z)1¯RK=(ck¯RKWe(g,g)s¯RKWiIWyi,je(g,g)s¯RKiILyi,j)1¯RK=(ck¯RKW)1¯RK,~ck=(¯C0(T)z)1¯RK

    Then verify ˆT=uH(ck)vH(~ck)d, if the equation is true, then use ck to symmetric decrypt E(M) to get the message M, otherwise the decryption fails. If the user has the attribute revoked, then ¯RK¯RKW, so it can't get the correct plaintext.

    In this section, it will be demonstrated that the scheme RVOC-CP-ABE is CPA-safe under the DBDH assumption.

    Theorem 1. If an adversary A wins the IND-CPA game with a non-negligible advantage ε, then there is a challenger C to solve the decision bilinear Diffie-Hellman problem with the advantage ε2.

    Proof. In the CPA game, the challenger C selects two multiplicative cyclic groups G and Gt of the order p, g is the generator of G, mapping e, hash function H, and a,b,cRZp. C throws one coin σ, if σ=0, then set z=abc, if σ=1, then set zRZp. C has a five-tuple (g,A,B,C,Z)=(g,ga,gb,gc,e(g,g)z), then simulates the IND-CPA security game as follows.

    Initialization. The adversary A generates a challenge access policy W=iIWWi, IW={i1,i2,...,im}(m<n) represents the subscript set of attributes which are not wildcards in the access policy W. Then A generates a version number ver(ver1), and sends W and ver to C.

    Setup. C runs the Setup algorithm of the scheme to calculate PK and MSK. For each iU,jUi(U={U1,U2,,Un} is a set of all attributes in system), select a random number i,jRZp, calculate Xi,j=gi,j,Yi,j=e(B,X1i,j)=e(g,g)bi,j(1in,1jni), and return PK to A. Then, C runs the ReParam algorithm to simulate the upgrade of ver1 versions. For the k-th version, set rk(k)i,jRZp if the attribute is revoked, if not rk(k)i,j=1.

    Phase 1. A selects a set of attributes L={L1,L2,..Ln},LU,Li=vi,j, but L does not satisfy W. A sends L to C for private key query. C selects δRZp, performs calculation Ki=g(b+δ)i,j,K=gδ,ver=1, the revocation key ¯RK(1)i=1,1in. C returns SK to A, A can choose to update the key, that is, run the ReKey algorithm, send parameters (ver=1,L,{¯RK(1)i}1in) to C. C calculates ¯RK(ver)i=¯RK(1)i×verh=2rk(h)i,j according to L,ver and user ID. After completion, A has the latest version of the key.

    Challenge. A submits two equal-length messages M0 and M1 to C, the challenger chooses bR{0,1} and calculates C0=MbYcW,C1=gc,C2=XcW. Let iIWi=a+η, there is

    C0=Mbe(g,g)ciIWbi=Mbe(g,g)cb(a+η)=MbZe(g,g)cbη

    Then C runs the ReEnc algorithm on CT, updates it to the latest version ver, and returns ¯CT to A.

    Phase 2. A repeats the same query as Phase 1.

    Guess. A outputs a guess b{0,1}, if b=b, C will output σ=0, this means (g,A,B,C,Z) is a valid DBDH group. Otherwise, C corresponds to output σ=1, where z is a random number, indicating a random five-tuple.

    If Z=e(g,g)abc, A gains a valid ciphertext, its advantage is:

    Pr[b=b|Z=e(g,g)abc]=12+ε

    If Z=R, the ciphertext is completely random to A, its advantage is:

    Pr[b=b|Z=R]=12

    Finally, the simulator's advantage in this game is described as follows:

    Adv=12Pr[b=b|Z=e(g,g)abc]+12Pr[b=b|Z=R]12=ε2

    This chapter mainly analyzes the performance of the RVOC-CP-ABE scheme through theoretical analysis and experimental simulation.

    Scholars have done a lot of research on the fixed ciphertext length CP-ABE and the CP-ABE that supports revocable storage. We compare the new scheme with other related schemes. As shown in Table 5 and Table 6, the main comparison indicators are ciphertext length |CT|, users' attribute private key size |SK|, decryption cost and implementation function. |G| and |Gt| in the table represent the bit length of one element in the groups G and Gt, n represents the number of attributes contained in the attribute field. For the convenience of comparison, only the bilinear operation and the exponential operation in the decryption algorithm are included in the comparison range, TGt represents the exponential operation time in the group Gt, and Te represents the bilinear operation time.

    Table 5.  Schemes comparison Ⅰ.
    Scheme |CT| |SK| Decryption
    [20] 2|G|+|Gt| 2|G| 2Te
    [39] (4n+3)|G|+2|Gt| (n+2)|G| 2TGt
    [32] (2n+1)|G|+|Gt| (n+2)|G| 2nTe+nTGt
    [5] (n+1)|G|+|Gt| (2n+1)|G|+|Zp| (n+1)Te
    [6] 4|G|+|Gt| (n+1)|G|+|Zp| (n+1)Te
    [4] 4|G|+2|Zp| 2|G|+2|Zp| 4TGt
    Ours 5|G|+2|Gt| (n+1)(|G|+|Zp|) 4TGt

     | Show Table
    DownLoad: CSV
    Table 6.  Schemes comparison Ⅱ.
    Scheme Revocable Storage Revocation Granularity Revocation Method Verifiable Outsourcing Decryption Constant Ciphertext Length Access Policy
    [20] × × × × ANDm
    [39] × × × × LSSS
    [32] User Revocation Indirect × × Tree
    [5] × Attribute Revocation Indirect × × AND+,
    [6] Attribute Revocation Direct × ANDm
    [4] User Revocation Direct AND
    Ours Attribute Revocation Indirect ANDm

     | Show Table
    DownLoad: CSV

    It can be seen from Table 5 that because our scheme achieves the constant ciphertext length, the ciphertext length is only 5|G|+2|Gt|. Compared with the scheme [5] that implements the version numbering revocation algorithm and the scheme for implementing verifiable outsourcing decryption [39], the ciphertext length does not increase as the number of attributes in the access policy increases. Scheme [20] has a private key length of only 2|G| because of its special access policy. To implement a flexible access policy, the private key will grow linearly with the number of user attributes n increasing. From the perspective of the decryption cost, our scheme will hand over the complex bilinear part which will dynamic change with the attribute set to the outsourcing decryption server, local only requires simple operations 4TGt, so the data decryptor's operation and the decryption complexity will be dramatically decreased compared to the schemes [32] [5] and [6] which is affected by the number of revocation.

    The AND-gates on positive and negative attributes with wildcards access policy of the scheme [5] and the AND-gates on multi-valued attributes access policy of the scheme [20] are not flexible enough. This scheme realizes the more flexible AND-gates on multi-valued attributes with wildcards access policy. Compared with the scheme [6], this scheme not only realizes the outsourcing decryption but also uses relatively simple revocation algorithm. The revocation algorithm of scheme [6] divides the ciphertext into four types of storage, its decryption algorithm also has four corresponding types, and also stores more revocation parameters, which increases the complexity of the scheme. [32] is the first scheme to propose the concept of revocable storage. It combines the nature of the "ciphertext proxy" to directly update the ciphertext when the revocation occurs. Although the revocation algorithm of this scheme refers to scheme [5], [5] does not implement revocable storage, and there are certain security problems. Our scheme also updates the core parameters of ciphertext in the revocation process while realizing the constant ciphertext length to ensure the accuracy of the revocation. Scheme [4] also implements revocable storage. Its ciphertext and key are fixed length, but its revocation granularity only reaches user revocation, our scheme reaches attribute revocation which is the finest granularity. Although our scheme implements indirect revocation, multiple revocations can be completed with only one update, which greatly reduces the overhead of updating ciphertext and private key. So our solution is more suitable for the actual scene.

    In general, other schemes have more or fewer problems in implementing the related functions of attribute-based encryption. Our scheme reduces storage cost and operation complexity while solving their shortcomings.

    In order to verify the theoretical analysis of the previous section, we use the PBC library developed in C language to simulate the scheme and other schemes. The experimental computer configuration is as follows: Intel i7-7700 processor, 8GB memory and 3.60GHz.

    To show the comparison results more clearly, in the figure, we call [5] as Yu's Scheme, [4] as Zhao's Scheme, [6] as Zhang's Scheme, [39] as Lai's Scheme.

    First, we simulated the ciphertext size, as shown in Figure 2. From the storage situation of the scheme [39] [5], the ciphertext size increases linearly with the number of attributes. When the number of attributes is 20, the ciphertext size will reach 8KB. However, the encryption method of our scheme will fix the ciphertext length, which will only occupy 0.4KB. Whether encrypting 1 attribute or multiple attributes, although the encryption complexity will be different (since encryption will only be done once, we don't consider the encryption cost), the ciphertext obtained last is constant length.

    Figure 2.  Ciphertext size.

    Then we simulated the decryption, monitoring the decryption time of [5] [6] and our scheme, as shown in Figure 3. The scheme [6] is divided into four types of decryption, and user's decryption process is related to the revocation user set. We only include the simplest decryption method in the comparison and the actual decryption time of [6] should be more. Under the above conditions, the decryption time of [6] is similar to that of [5]. When the decryption involves 20 attributes, the decryption time is about 230ms. Since this solution implements complex computing outsourcing, the resource-consuming calculation steps are all calculated by the outsourcing server. We only need to perform a simple calculation on the intermediate ciphertext. In theory, only 4TGt is needed (if not verify part for 2TGt), and the index operation on the group Gt has less running time than the bilinear pairing operation, so the decryption calculation time of this scheme is only about 20ms which is similar to the scheme [20].

    Figure 3.  Revocation time.
    Figure 4.  Revocation time.

    Next, we compared the ciphertext update time of [4], [6] and ours, as shown in Figure 3. We first fixed the total number of users in the system at 30, revoked 5 attributes each time, and observed the impact of the number of revoked users each time on the ciphertext update time. Obviously, the update time of all schemes is inversely proportional to the number of revoked users, because the more users involved in revoking attributes, the fewer relevant parameters of legitimate users that need to be updated. Since different revocation schemes adopt different methods, the space and time for the corresponding revocation are also different. As can be seen from the figure, the time consumption of our scheme is at a medium level. When there are 20 revoked users, the calculation time for updating the ciphertext is about 400ms. However, our solution does not need to update every time, it only updates the ciphertext when a user accesses a ciphertext with a new version, which also makes up for the drawback of time-consuming revocation.

    It can be seen from the specific experimental data that this scheme has certain advantages in decryption calculation and data storage, and the consumption of updated ciphertext is at a medium level.

    In this paper, we propose a CP-ABE scheme for efficient revocable storage and verifiable outsourcing decryption. With our proposed scheme, the fine-grained attribute revocation is implemented by the version numbering method and the proxy re-encryption technology, while revocable storage ensures forward security of the system. Due to the features of lower storage overhead and fixed ciphertext length, our scheme is more suitable for cloud storage scenarios with multi-attribute and multi-user. Moreover, to reduce the cost of users' local decryption calculations, our scheme securely outsources complex operations to a powerful third-party server, and users only need to perform a small amount of calculation and verification to obtain the correct information. Performance analysis demonstrates that this scheme has improved in all aspects compared to similar schemes.

    In future research, we will consider altering the access structure of this scheme, because the single AND-gate structure is still not flexible enough to satisfy more demanding access control strategies. With the development of technology, malicious attacks are becoming more and more unpredictable, so improving the security of the scheme is also an important research direction.

    This work was supported in part by Sichuan science and technology project under Grant 2018GZ0236 and Grant 2017FZ0004.

    The authors declare no conflict of interest.

    [1] Venter JC, Adams MD, Myers EW, et al. (2001) The sequence of the human genome. Science 291: 1304–1351. doi: 10.1126/science.1058040
    [2] Lander ES, Linton LM, Birren B, et al. (2001) Initial sequencing and analysis of the human genome. Nature 409: 860–921. doi: 10.1038/35057062
    [3] Fredriksson R, Lagerstrom MC, Lundin LG, et al. (2003) The G-protein-coupled receptors in the human genome form five main families. Phylogenetic analysis, paralogon groups, and fingerprints. Mol Pharmacol 63: 1256–1272.
    [4] Pierce KL, Premont RT, Lefkowitz RJ (2002) Seven-transmembrane receptors. Nat Rev Mol Cell Biol 3: 639–650. doi: 10.1038/nrm908
    [5] Lagerstrom MC, Schioth HB (2008) Structural diversity of G protein-coupled receptors and significance for drug discovery. Nat Rev Drug Discov 7: 339–357. doi: 10.1038/nrd2518
    [6] Chien EY, Liu W, Zhao Q, et al. (2010) Structure of the human dopamine D3 receptor in complex with a D2/D3 selective antagonist. Science 330: 1091–1095. doi: 10.1126/science.1197410
    [7] Yang J, Villar VA, Armando I, et al. (2016) G protein-coupled receptor kinases: Crucial regulators of blood pressure. J Am Heart Assoc 5: e003519. doi: 10.1161/JAHA.116.003519
    [8] Bar-Shavit R, Maoz M, Kancharla A, et al. (2016) G protein-coupled receptors in cancer. Int J Mol Sci 17: 1320. doi: 10.3390/ijms17081320
    [9] Flower DR (1999) Modelling G-protein-coupled receptors for drug design. Biochim Biophys Acta 1422: 207–234. doi: 10.1016/S0304-4157(99)00006-4
    [10] Katritch V, Cherezov V, Stevens RC (2012) Diversity and modularity of G protein-coupled receptor structures. Trends Pharmacol Sci 33: 17–27. doi: 10.1016/j.tips.2011.09.003
    [11] Gether U, Ballesteros JA, Seifert R, et al. (1997) Structural instability of a constitutively active G protein-coupled receptor. Agonist-independent activation due to conformational flexibility. J Biol Chem 272: 2587–2590.
    [12] Seifert R, Wenzel-Seifert K (2002) Constitutive activity of G-protein-coupled receptors: cause of disease and common property of wild-type receptors. Naunyn Schmiedebergs Arch Pharmacol 366: 381–416. doi: 10.1007/s00210-002-0588-0
    [13] Nelson G, Hoon MA, Chandrashekar J, et al. (2001) Mammalian sweet taste receptors. Cell 106: 381–390. doi: 10.1016/S0092-8674(01)00451-2
    [14] Nelson G, Chandrashekar J, Hoon MA, et al. (2002) An amino-acid taste receptor. Nature 416: 199–202. doi: 10.1038/nature726
    [15] Milligan G (2004) G protein-coupled receptor dimerization: Function and ligand pharmacology. Mol Pharmacol 66.
    [16] Syrovatkina V, Alegre KO, Dey R, et al. (2016) Regulation, signaling, and physiological functions of G-proteins. J Mol Biol 428: 3850–3868. doi: 10.1016/j.jmb.2016.08.002
    [17] Wess J (1997) G-protein-coupled receptors: molecular mechanisms involved in receptor activation and selectivity of G-protein recognition. FASEB J 11: 346–354.
    [18] Rasumussen SG, DeVree BT, Zou Y, et al. (2011) Crystal structure of the beta2 adrenergic receptor-Gs protein complex. Nature 477: 549–555. doi: 10.1038/nature10361
    [19] Gilman AG (1987) G proteins: transducers of receptor-generated signals. Annu Rev Biochem 56: 615–649. doi: 10.1146/annurev.bi.56.070187.003151
    [20] Nie J, Lewis DL (2001) Structural domains of the CB1 cannabinoid receptor that contribute to constitutive activity and G-protein sequestration. J Neurosci 21: 8758–8764.
    [21] Kobilka BK, Deupi X (2007) Conformational complexity of G-protein-coupled receptors. Trends Pharmacol Sci 28: 397–406. doi: 10.1016/j.tips.2007.06.003
    [22] Ross EM, Wilkie TM (2000) GTPase-activating proteins for heterotrimeric G proteins: regulators of G protein signaling (RGS) and RGS-like proteins. Annu Rev Biochem 69: 795–827. doi: 10.1146/annurev.biochem.69.1.795
    [23] Claing A, Laporte SA, Caron MG, et al. (2002) Endocytosis of G protein-coupled receptors: roles of G protein-coupled receptor kinases and beta-arrestin proteins. Prog Neurobiol 66: 61–79. doi: 10.1016/S0301-0082(01)00023-5
    [24] Okada T, Le TI, Fox BA, et al. (2000) X-Ray diffraction analysis of three-dimensional crystals of bovine rhodopsin obtained from mixed micelles. J Struct Biol 130: 73–80. doi: 10.1006/jsbi.1999.4209
    [25] Palczewski K, Kumasaka T, Hori T, et al. (2000) Crystal structure of rhodopsin: A G protein-coupled receptor. Science 289: 739–745. doi: 10.1126/science.289.5480.739
    [26] Cherezov V, Rosenbaum DM, Hanson MA, et al. (2007) High resolution crystal structure of an engineered human beta2-adrenergic G protein-couple receptor. Science 318: 1258–1265. doi: 10.1126/science.1150577
    [27] Rasmussen SG, Choi HJ, Rosenbaum DM, et al. (2007) Crystal structure of the human beta2 adrenergic G-protein-coupled receptor. Nature 450: 383–387. doi: 10.1038/nature06325
    [28] Stroud RM (2011) New tools in membrane protein determination. F1000 Biol Rep 3: 8.
    [29] Ujwal R, Bowie JU (2011) Crystallizing membrane proteins using lipidic bicelles. Methods 55: 337–341. doi: 10.1016/j.ymeth.2011.09.020
    [30] Denisov IG, Sligar SG (2016) Nanodiscs for structural and functional studies of membrane proteins. Nat Struct Mol Biol 23: 481–486. doi: 10.1038/nsmb.3195
    [31] Xiang J, Chun E, Liu C, et al. (2016) Successful strategies to determine high-resolution structures of GPCRs. Trends Pharmacol Sci 37: 1055–1069. doi: 10.1016/j.tips.2016.09.009
    [32] Rawlings AE (2016) Membrane proteins: always an insoluble problem? Biochem Soc Trans 44: 790–795. doi: 10.1042/BST20160025
    [33] Neubig RR, Siderovski DP (2002) Regulators of G-protein signalling as new central nervous system drug targets. Nat Rev Drug Discov 1: 187–197. doi: 10.1038/nrd747
    [34] Bayburt TH, Grinkova YV, Sligar SG (2002) Self-assembly of discoidal phospholipid bilayer nanoparticles with membrane scaffold proteins. Nano Lett 2: 853–856. doi: 10.1021/nl025623k
    [35] Delmar JA, Bolla JR, Su CC, et al. (2015) Crystallization of membrane proteins by vapor diffusion. Methods Enzymol 557: 363–392. doi: 10.1016/bs.mie.2014.12.018
    [36] Jaakola VP, Griffith MT, Hanson MA, et al. (2008) The 2.6 angstrom crystal structure of a human A2A adenosine receptor bound to an antagonist. Science 322: 1211–1217.
    [37] Dore AS, Okrasa K, Patel JC, et al. (2014) Structure of class C GPCR metabotropic glutamate receptor 5 transmembrane domain. Nature 511: 557–562. doi: 10.1038/nature13396
    [38] Thompson AA, Liu W, Chun E, et al. (2012) Structure of the nociceptin/orphanin FQ receptor in complex with a peptide mimetic. Nature 485: 395–399. doi: 10.1038/nature11085
    [39] Wang C, Wu H, Katritch V, et al. (2013) Structure of the human smoothened receptor bound to an antitumour agent. Nature 497: 338–343. doi: 10.1038/nature12167
    [40] Yin J, Babaoglu K, Brautigam CA, et al. (2016) Structure and ligand-binding mechanism of the human OX1 and OX2 orexin receptors. Nat Struct Mol Biol 23: 293–299. doi: 10.1038/nsmb.3183
    [41] Zhang K, Zhang J, Gao Z, et al. (2014) Structure of the human P2Y12 receptor in complex with an antithrombotic drug. Nature 509.
    [42] Isberg V, Mordalski S, Munk C, et al. (2016) GPCRdb: an information system for G protein-coupled receptors. Nucleic Acids Res.
    [43] Berman HM, Westbrook J, Feng Z, et al. (2000) The protein data bank. Nucl Acids Res 28: 235–242. doi: 10.1093/nar/28.1.235
    [44] Teller DC, Okada T, Behnke CA, et al. (2001) Advances in determination of a high-resolution three-dimensional structure of rhodopsin, a model of G-protein-coupled receptors (GPCRs). Biochemistry 40: 7761–7772. doi: 10.1021/bi0155091
    [45] Yeagle PL, Choi G, Albert AD (2001) Studies on the structure of the G-protein-coupled receptor rhodopsin including the putative G-protein binding site in unactivated and activated forms. Biochemistry 40: 11932–11937. doi: 10.1021/bi015543f
    [46] Okada T, Fujiyoshi Y, Silow M, et al. (2002) Functional role of internal water molecules in rhodopsin revealed by X-ray crystallography. Proc Natl Acad Sci USA 99: 5982–5987. doi: 10.1073/pnas.082666399
    [47] Choi G, Landin J, Galan JF, et al. (2002) Structural studies of metarhodopsin II, the activated form of the G-protein coupled receptor, rhodopsin. Biochemistry 41: 7318–7324. doi: 10.1021/bi025507w
    [48] Li J, Edwards PC, Burghammer M, et al. (2004) Structure of bovine rhodopsin in a trigonal crystal form. J Mol Biol 343: 1409–1438. doi: 10.1016/j.jmb.2004.08.090
    [49] Okada T, Sugihara M, Bondar AN, et al. (2004) The retinal conformation and its environment in rhodopsin in light of a new 22 A crystal structure. J Mol Biol 342: 571–583. doi: 10.1016/j.jmb.2004.07.044
    [50] Nakamichi H, Okada T (2006) Crystallographic analysis of primary visual photochemistry. Angew Chem Int Ed Engl 45: 4270–4273. doi: 10.1002/anie.200600595
    [51] Nakamichi H, Okada T (2006) Local peptide movement in the photoreaction intermediate of rhodopsin. Proc Natl Acad Sci USA 103: 12729–12734. doi: 10.1073/pnas.0601765103
    [52] Salom D, Lodowski DT, Stenkamp RE, et al. (2006) Crystal structure of a photoactivated deprotonated intermediate of rhodopsin. Proc Natl Acad Sci USA 103: 16123–16128. doi: 10.1073/pnas.0608022103
    [53] Standfuss J, Xie G, Edwards PC, et al. (2007) Crystal structure of a thermally stable rhodopsin mutant. J Mol Biol 372: 1179–1188. doi: 10.1016/j.jmb.2007.03.007
    [54] Nakamichi H, Buss V, Okada T (2007) Photoisomerization mechanism of rhodopsin and 9-cis-rhodopsin revealed by x-ray crystallography. Biophys J 92: L106–L108. doi: 10.1529/biophysj.107.108225
    [55] Stenkamp RE (2008) Alternative models for two crystal structures of bovine rhodopsin. Acta Crystallogr D D64: 902–904.
    [56] Park JH, Scheerer P, Hofmann KP, et al. (2008) Crystal structure of the ligand-free G-protein-coupled receptor opsin. Nature 454: 183–187. doi: 10.1038/nature07063
    [57] Scheerer P, Park JH, Hildebrand PW, et al. (2008) Crystal structure of opsin in its G-protein-interacting conformation. Nature 455: 497–502. doi: 10.1038/nature07330
    [58] Standfuss J, Edwards PC, D'Antona A, et al. (2011) The structural basis of agonist-induced activation in constitutively active rhodopsin. Nature 471: 656–660. doi: 10.1038/nature09795
    [59] Makino CL, Riley CK, Looney J, et al. (2010) Binding of more than one retinoid to visual opsins. Biophys J 99: 2366–2373. doi: 10.1016/j.bpj.2010.08.003
    [60] Choe HW, Kim YJ, Park JH, et al. (2011) Crystal structure of metarhodopsin II. Nature 471: 651–655. doi: 10.1038/nature09789
    [61] Deupi X, Edwards P, Singhal A, et al. (2012) Stabilized G protein binding site in the structure of constitutively active metarhodopsin-II. Proc Natl Acad Sci USA 109: 119–124. doi: 10.1073/pnas.1114089108
    [62] Park JH, Morizumi T, Li Y, et al. (2013) Opsin, a structural model for olfactory receptors? Angew Chem Int Ed Engl 52: 11021–11024. doi: 10.1002/anie.201302374
    [63] Singhal A, Ostermaier MK, Vishnivetskiy SA, et al. (2013) Insights into congenital stationary night blindness based on the structure of G90D rhodopsin. EMBO Rep 14: 520–526. doi: 10.1038/embor.2013.44
    [64] Szczepek M, Beyriere F, Hofmann KP, et al. (2014) Crystal structure of a common GPCR-binding interface for G protein and arrestin. Nat Commun 5: 4801. doi: 10.1038/ncomms5801
    [65] Blankenship E, Vahedi-Faridi A, Lodowski DT (2015) The high-resolution structure of activated opsin reveals a conserved solvent network in the transmembrane region essential for activation. Structure 23: 2358–2364. doi: 10.1016/j.str.2015.09.015
    [66] Kang Y, Zhou XE, Gao X, et al. (2015) Crystal structure of rhodopsin bound to arrestin by femtosecond X-ray laser. Nature 523: 561–567. doi: 10.1038/nature14656
    [67] Singhal A, Guo Y, Matkovic M, et al. (2016) Structural role of the T94I rhodopsin mutation in congenital stationary night blindness. EMBO Rep 17: 1431–1440. doi: 10.15252/embr.201642671
    [68] Gulati S, Jastrzebska B, Banerjee S, et al. (2017) Photocyclic behavior of rhodopsin induced by an atypical isomerization mechanism. Proc Natl Acad Sci USA 114: E2608–E2615. doi: 10.1073/pnas.1617446114
    [69] Warne T, Serrano-Vega MJ, Baker JG, et al. (2008) Structure of a beta1-adrenergic G-protein-coupled receptor. Nature 454: 486–491. doi: 10.1038/nature07101
    [70] Warne T, Moukhametzianov R, Baker JG, et al. (2011) The structural basis for agonist and partial agonist action on a beta(1)-adrenergic receptor. Nature 469: 241–244. doi: 10.1038/nature09746
    [71] Moukhametzianov R, Warne T, Edwards PC, et al. (2011) Two distinct conformations of helix 6 observed in antagonist-bound structures of a beta-1 adrenergic receptor. Proc Natl Acad Sci USA 108: 8228–8232. doi: 10.1073/pnas.1100185108
    [72] Christopher JA, Brown J, Dore AS, et al. (2013) Biophysical fragment screening of the beta1-adrenergic receptor: identification of high affinity arylpiperazine leads using structure-based drug design. J Med Chem 56: 3446–3455. doi: 10.1021/jm400140q
    [73] Warne T, Edwards PC, Leslie AG, et al. (2012) Crystal structures of a stabilized beta1-adrenoceptor bound to the biased agonists bucindolol and carvedilol. Structure 20: 841–849. doi: 10.1016/j.str.2012.03.014
    [74] Miller-Gallacher JL, Nehme R, Warne T, et al. (2014) The 2.1 A resolution structure of cyanopindolol-bound beta1-adrenoceptor identifies an intramembrane Na+ ion that stabilises the ligand-free receptor. PLoS One 9: e92727.
    [75] Huang J, Chen S, Zhang JJ, et al. (2013) Crystal structure of oligomeric beta1-adrenergic G protein-coupled receptors in ligand-free basal state. Nat Struct Mol Biol 20: 419–425. doi: 10.1038/nsmb.2504
    [76] Sato T, Baker J, Warne T, et al. (2015) Pharmacological analysis and structure determination of 7-Methylcyanopindolol-bound beta1-adrenergic receptor. Mol Pharmacol 88: 1024–1034. doi: 10.1124/mol.115.101030
    [77] Leslie AG, Warne T, Tate CG (2015) Ligand occupancy in crystal structure of beta1-adrenergic G protein-coupled receptor. Nat Struct Mol Biol 22: 941–942. doi: 10.1038/nsmb.3130
    [78] Hanson MA, Cherezov V, Griffith MT, et al. (2008) A specific cholesterol binding site is established by the 2.8 A structure of the human beta2-adrenergic receptor. Structure 6: 897–905.
    [79] Bokoch MP, Zou Y, Rasmussen SG, et al. (2010) Ligand-specific regulation of the extracellular surface of a G-protein-coupled receptor. Nature 463: 108–112. doi: 10.1038/nature08650
    [80] Wacker D, Fenalti G, Brown MA, et al. (2010) Conserved binding mode of human beta2 adrenergic receptor inverse agonists and antagonist revealed by X-ray crystallography. J Am Chem Soc 132: 11443–11445. doi: 10.1021/ja105108q
    [81] Rasmussen SG, Choi HJ, Fung JJ, et al. (2011) Structure of a nanobody-stabilized active state of the beta(2) adrenoceptor. Nature 469: 175–180. doi: 10.1038/nature09648
    [82] Rosenbaum DM, Zhang C, Lyons JA, et al. (2011) Structure and function of an irreversible agonist-beta(2) adrenoceptor complex. Nature 469: 236–240. doi: 10.1038/nature09665
    [83] Zou Y, Weis WI, Kobilka BK (2012) N-terminal T4 lysozyme fusion facilitates crystallization of a G protein coupled receptor. PLos One 7.
    [84] Ring AM, Manglik A, Kruse AC, et al. (2013) Adrenaline-activated structure of beta2-adrenoreceptor stabilized by an engineered nanobody. Nature 502: 575–579. doi: 10.1038/nature12572
    [85] Weichert D, Kruse AC, Manglik A, et al. (2014) Covalent agonists for studying G protein-coupled receptor activation. Proc Natl Acad Sci USA 111: 10744–10748. doi: 10.1073/pnas.1410415111
    [86] Huang CY, Olieric V, Ma P, et al. (2016) In meso in situ serial X-ray crystallography of soluble and membrane proteins at cryogenic temperatures. Acta Crystallogr D 72: 93–112. doi: 10.1107/S2059798315021683
    [87] Staus DP, Strachan RT, Manglik A, et al. (2016) Allosteric nanobodies reveal the dynamic range and diverse mechanisms of G-protein-coupled receptor activation. Nature 535: 448–452. doi: 10.1038/nature18636
    [88] Shimamura T, Shiroishi M, Weyand S, et al. (2011) Structure of the human histamine H1 receptor complex with doxepin. Nature 475: 65–70. doi: 10.1038/nature10236
    [89] Wang C, Jiang Y, Ma J, et al. (2013) Structural basis for molecular recognition at serotonin receptors. Science 340: 610–614. doi: 10.1126/science.1232807
    [90] Wacker D, Wang C, Katritch V, et al. (2013) Structural features for functional selectivity at serotonin receptors. Science 340: 615–619. doi: 10.1126/science.1232808
    [91] Liu W, Wacker D, Gati C, et al. (2013) Serial femtosecond crystallography of G protein-coupled receptors. Science 342: 1521–1524. doi: 10.1126/science.1244142
    [92] Wacker D, Wang S, McCorvy JD, et al. (2017) Crystal structure of an LSD-bound human serotonin receptor. Cell 168: 377–389. doi: 10.1016/j.cell.2016.12.033
    [93] Thal DM, Sun B, Feng D, et al. (2016) Crystal structures of the M1 and M4 muscarinic acetylcholine receptors. Nature 531: 335–340. doi: 10.1038/nature17188
    [94] Haga K, Kruse AC, Asada H, et al. (2012) Structure of the human M2 muscarinic acetylcholine receptor bound to an antagonist. Nature 482: 547–551. doi: 10.1038/nature10753
    [95] Kruse AC, Ring AM, Manglik A, et al. (2013) Activation and allosteric modulation of a muscarinic acetylcholine receptor. Nature 504: 101–106. doi: 10.1038/nature12735
    [96] Kruse AC, Hu J, Pan AC, et al. (2012) Structure and dynamics of the M3 muscarinic acetylcholine receptor. Nature 482: 552–556. doi: 10.1038/nature10867
    [97] Thorsen TS, Matt R, Weis WI, et al. (2014) Modified T4 lysozyme fusion proteins facilitate G protein-coupled receptor crystallogenesis. Structure 22: 1657–1664. doi: 10.1016/j.str.2014.08.022
    [98] Glukhova A, Thal DM, Nguyen AT, et al. (2017) Structure of the adenosine A1 receptor reveals the basis for subtype selectivity. Cell 168: 867–877. doi: 10.1016/j.cell.2017.01.042
    [99] Dore AS, Robertson N, Errey JC, et al. (2011) Structure of the adenosine A(2A) receptor in complex with ZM241385 and the xanthines XAC and caffeine. Structure 19: 1283–1293. doi: 10.1016/j.str.2011.06.014
    [100] Xu F, Wu H, Katritch V, et al. (2011) Structure of an agonist-bound human A2A adenosine receptor. Science 332: 322–327. doi: 10.1126/science.1202793
    [101] Lebon G, Warne T, Edwards PC, et al. (2011) Agonist-bound adenosine A2A receptor structures reveal common features of GPCR activation. Nature 474: 521–525. doi: 10.1038/nature10136
    [102] Hino T, Arakawa T, Iwanari H, et al. (2012) G-protein-coupled receptor inactivation by an allosteric inverse-agonist antibody. Nature 482: 237–240.
    [103] Congreve M, Andrews SP, Dore AS, et al. (2012) Discovery of 1,2,4-triazine derivatives as adenosine A(2A) antagonists using structure based drug design. J Med Chem 55: 1898–1903. doi: 10.1021/jm201376w
    [104] Liu W, Chun E, Thompson AA, et al. (2012) Structural basis for allosteric regulation of GPCRs by sodium ions. Science 337: 232–236. doi: 10.1126/science.1219218
    [105] Lebon G, Edwards PC, Leslie AG, et al. (2015) Molecular determinants of CGS21680 binding to the human adenosine A2A receptor. Mol Pharmacol 87: 907–915. doi: 10.1124/mol.114.097360
    [106] Segala E, Guo D, Cheng RK, et al. (2016) Controlling the dissociation of ligands from the adenosine A2A receptor through modulation of salt bridge strength. J Med Chem 59: 6470–6479. doi: 10.1021/acs.jmedchem.6b00653
    [107] Batyuk A, Galli L, Ishchenko A, et al. (2016) Native phasing of x-ray free-electron laser data for a G protein-coupled receptor. Sci Adv 2: e1600292. doi: 10.1126/sciadv.1600292
    [108] Carpenter B, Nehme R, Warne T, et al. (2016) Structure of the adenosine A(2A) receptor bound to an engineered G protein. Nature 536: 104–107. doi: 10.1038/nature18966
    [109] Sun B, Bachhawat P, Chu ML, et al. (2017) Crystal structure of the adenosine A2A receptor bound to an antagonist reveals a potential allosteric pocket. Proc Natl Acad Sci USA 114: 2066–2071. doi: 10.1073/pnas.1621423114
    [110] Hanson MA, Roth CB, Jo E, et al. (2012) Crystal structure of a lipid G protein-coupled receptor. Science 335: 851–855. doi: 10.1126/science.1215904
    [111] Chrencik JE, Roth CB, Terakado M, et al. (2015) Crystal structure of antagonist bound human lysophosphatidic acid receptor 1. Cell 161: 1633–1643. doi: 10.1016/j.cell.2015.06.002
    [112] Hua T, Vemuri K, Pu M, et al. (2016) Crystal structure of the human cannabinoid receptor CB1. Cell 167: 750–762. doi: 10.1016/j.cell.2016.10.004
    [113] Shao Z, Yin J, Chapman K, et al. (2016) High-resolution crystal structure of the human CB1 cannabinoid receptor. Nature.
    [114] White JF, Noinaj N, Shibata Y, et al. (2012) Structure of the agonist-bound neurotensin receptor. Nature 490: 508–513. doi: 10.1038/nature11558
    [115] Egloff P, Hillenbrand M, Klenk C, et al. (2014) Structure of signaling-competent neurotensin receptor 1 obtained by directed evolution in Escherichia coli. Proc Natl Acad Sci USA 111: E655–E662. doi: 10.1073/pnas.1317903111
    [116] Krumm BE, White JF, Shah P, et al. (2015) Structural prerequisites for G-protein activation by the neurotensin receptor. Nat Commun 6: 7895. doi: 10.1038/ncomms8895
    [117] Krumm BE, Lee S, Bhattacharya S, et al. (2016) Structure and dynamics of a constitutively active neurotensin receptor. Sci Rep 6: 38564. doi: 10.1038/srep38564
    [118] Yin J, Mobarec JC, Kolb P, et al. (2015) Crystal structure of the human OX2 orexin receptor bound to the insomnia drug suvorexant. Nature 519: 247–250.
    [119] Gayen A, Goswami SK, Mukhopadhyay C (2011) NMR evidence of GM1-induced conformational change of Substance P using isotropic bicelles. Biochim Biophys Acta 1808: 127–139. doi: 10.1016/j.bbamem.2010.09.023
    [120] Shihoya W, Nishizawa T, Okuta A, et al. (2016) Activation mechanism of endothelin ETB receptor by endothelin-1. Nature 537: 363–368. doi: 10.1038/nature19319
    [121] Park SH, Das BB, Casagrande F, et al. (2012) Structure of the chemokine receptor CXCR1 in phospholipid bilayers. Nature 491: 779–783.
    [122] Zheng Y, Qin L, Zacarias NV, et al. (2016) Structure of CC chemokine receptor 2 with orthosteric and allosteric antagonists. Nature 540: 458–461. doi: 10.1038/nature20605
    [123] Wu B, Chien EY, Mol CD, et al. (2010) Structures of the CXCR4 chemokine GPCR with small-molecule and cyclic peptide antagonists. Science 330: 1066–1071. doi: 10.1126/science.1194396
    [124] Qin L, Kufareva I, Holden LG, et al. (2015) Structural biology. Crystal structure of the chemokine receptor CXCR4 in complex with a viral chemokine. Science 347: 1117–1122.
    [125] Tan Q, Zhu Y, Li J, et al. (2013) Structure of the CCR5 chemokine receptor-HIV entry inhibitor maraviroc complex. Science 341: 1387–1390. doi: 10.1126/science.1241475
    [126] Oswald C, Rappas M, Kean J, et al. (2016) Intracellular allosteric antagonism of the CCR9 receptor. Nature 540: 462–465. doi: 10.1038/nature20606
    [127] Miller RL, Thompson AA, Trapella C, et al. (2015) The importance of ligand-receptor conformational pairs in stabilization: Spotlight on the N/OFQ G protein-coupled receptor. Structure 23: 2291–2299. doi: 10.1016/j.str.2015.07.024
    [128] Wu H, Wacker D, Mileni M, et al. (2012) Structure of the human kappa-opioid receptor in complex with JDTic. Nature 485: 327–332. doi: 10.1038/nature10939
    [129] Manglik A, Kruse AC, Kobilka TS, et al. (2012) Crystal structure of the mu-opioid receptor bound to a morphinan antagonist. Nature 485: 321–326. doi: 10.1038/nature10954
    [130] Huang W, Manglik A, Venkatakrishnan AJ, et al. (2015) Structural insights into micro-opioid receptor activation. Nature 524: 315–321. doi: 10.1038/nature14886
    [131] Granier S, Manglik A, Kruse AC, et al. (2012) Structure of the delta-opioid receptor bound to naltrindole. Nature 485: 400–404. doi: 10.1038/nature11111
    [132] Fenalti G, Giguere PM, Katritch V, et al. (2014) Molecular control of delta-opioid receptor signaling. Nature 506: 191–196. doi: 10.1038/nature12944
    [133] Fenalti G, Zatsepin NA, Betti C, et al. (2015) Structural basis for bifunctional peptide recognition at human delta-opioid receptor. Nat Struct Mol Biol 22: 265–268. doi: 10.1038/nsmb.2965
    [134] Zhang H, Unal H, Gati C, et al. (2015) Structure of the Angiotensin receptor revealed by serial femtosecond crystallography. Cell 161: 833–844. doi: 10.1016/j.cell.2015.04.011
    [135] Zhang H, Unal H, Desnoyer R, et al. (2015) Structural basis for ligand recognition and functional selectivity at angiotensin receptor. J Biol Chem 290: 29127–29139. doi: 10.1074/jbc.M115.689000
    [136] Zhang H, Han GW, Batyuk A, et al. (2017) Structural basis for selectivity and diversity in angiotensin II receptors. Nature.
    [137] Burg JS, Ingram JR, Venkatakrishnan AJ, et al. (2015) Structural biology. Structural basis for chemokine recognition and activation of a viral G protein-coupled receptor. Science 347: 1113–1117.
    [138] Zhang D, Gao ZG, Zhang K, et al. (2015) Two disparate ligand-binding sites in the human P2Y1 receptor. Nature 520: 317–321. doi: 10.1038/nature14287
    [139] Zhang J, Zhang K, Gao ZG, et al. (2014) Agonist-bound structure of the human P2Y12 receptor. Nature 509: 119–122. doi: 10.1038/nature13288
    [140] Zhang C, Srinivasan Y, Arlow DH, et al. (2012) High-resolution crystal structure of human protease-activated receptor 1. Nature 492: 387–392. doi: 10.1038/nature11701
    [141] Srivastava A, Yano J, Hirozane Y, et al. (2014) High-resolution structure of the human GPR40 receptor bound to allosteric agonist TAK-875. Nature 513: 124–127. doi: 10.1038/nature13494
    [142] Siu FY, He M, de Graaf C, et al. (2013) Structure of the human glucagon class B G-protein-coupled receptor. Nature 499: 444–449. doi: 10.1038/nature12393
    [143] Jazayeri A, Dore AS, Lamb D, et al. (2016) Extra-helical binding site of a glucagon receptor antagonist. Nature 533: 274–277. doi: 10.1038/nature17414
    [144] Hollenstein K, Kean J, Bortolato A, et al. (2013) Structure of class B GPCR corticotropin-releasing factor receptor 1. Nature 499: 438–443. doi: 10.1038/nature12357
    [145] Dore AS, Bortolato A, Hollenstein K, et al. (2017) Decoding corticotropin-releasing factor receptor type 1 crystal structures. Curr Mol Pharmacol: Epub ahead of print, DOI: 10.2174/1874467210666170110114727.
    [146] Wu H, Wang C, Gregory KJ, et al. (2014) Structure of a class C GPCR metabotropic glutamate receptor 1 bound to an allosteric modulator. Science 344: 58–64. doi: 10.1126/science.1249489
    [147] Christopher JA, Aves SJ, Bennett KA, et al. (2015) Fragment and structure-based drug discovery for a class C GPCR: Discovery of the mGlu5 negative allosteric modulator HTL14242 (3-Chloro-5-[6-(5-fluoropyridin-2-yl)pyrimidin-4-yl]benzonitrile). J Med Chem 58: 6653–6664. doi: 10.1021/acs.jmedchem.5b00892
    [148] Wang C, Wu H, Evron T, et al. (2014) Structural basis for Smoothened receptor modulation and chemoresistance to anticancer drugs. Nat Commun 5: 4355.
    [149] Byrne EF, Sircar R, Miller PS, et al. (2016) Structural basis of Smoothened regulation by its extracellular domains. Nature 535: 517–522. doi: 10.1038/nature18934
    [150] Lundstrom K (2006) Latest development in drug discovery on G protein-coupled receptors. Curr Protein Pept Sci 7: 465–470. doi: 10.2174/138920306778559403
    [151] Shonberg J, Kling RC, Gmeiner P, et al. (2015) GPCR crystal structures: Medicinal chemistry in the pocket. Bioorg Med Chem 23: 3880–3906. doi: 10.1016/j.bmc.2014.12.034
    [152] Attwood TK, Findlay JB (1993) Design of a discriminating fingerprint for G-protein-coupled receptors. Protein Eng 6: 167–176. doi: 10.1093/protein/6.2.167
    [153] Chee MS, Satchwell SC, Preddie E, et al. (1990) Human cytomegalovirus encodes three G protein-coupled receptor homologues. Nature 344: 774–777. doi: 10.1038/344774a0
    [154] Attwood TK, Findlay JB (1994) Fingerprinting G-protein-coupled receptors. Protein Eng 7: 195–203. doi: 10.1093/protein/7.2.195
    [155] Strader CD, Sigal IS, Dixon RA (1989) Structural basis of beta-adrenergic receptor function. FASEB J 3: 1825–1832.
    [156] Liapakis G, Ballesteros JA, Papachristou S, et al. (2000) The forgotten serine. A critical role for Ser-2035.42 in ligand binding to and activation of the beta 2-adrenergic receptor. J Biol Chem 275: 37779–37788.
    [157] Swaminath G, Xiang Y, Lee TW, et al. (2004) Sequential binding of agonists to the beta2 adrenoceptor. Kinetic evidence for intermediate conformational states. J Biol Chem 279: 686–691.
    [158] Baldwin JM (1994) Structure and function of receptors coupled to G proteins. Curr Opin Cell Biol 6: 180–190. doi: 10.1016/0955-0674(94)90134-1
    [159] Tyndall JD, Sandilya R (2005) GPCR agonists and antagonists in the clinic. Med Chem 1: 405–421. doi: 10.2174/1573406054368675
    [160] Jacoby E, Bouhelal R, Gerspacher M, et al. (2006) The 7 TM G-protein-coupled receptor target family. Chem Med Chem 1: 761–782.
    [161] Spiss CK, Maze M (1985) Adrenoreceptors. Anaesthesist 34: 1–10.
    [162] Civelli O, Reinscheid RK, Zhang Y, et al. (2013) G protein-coupled receptor deorphanizations. Annu Rev Pharmacol Toxicol 53: 127–146. doi: 10.1146/annurev-pharmtox-010611-134548
    [163] Barst RJ, Langleben D, Frost A, et al. (2004) Sitaxsentan therapy for pulmonary arterial hypertension. Am J Respir Crit Care Med 169: 441–447. doi: 10.1164/rccm.200307-957OC
    [164] Kotake T, Usami M, Akaza H, et al. (1999) Goserelin acetate with or without antiandrogen or estrogen in the treatment of patients with advanced prostate cancer: a multicenter, randomized, controlled trial in Japan. Zoladex Study Group. Jpn J Clin Oncol 29: 562–570. doi: 10.1093/jjco/29.11.562
    [165] Onuffer JJ, Horuk R (2002) Chemokines, chemokine receptors and small-molecule antagonists: recent developments. Trends Pharmacol Sci 23: 459–467. doi: 10.1016/S0165-6147(02)02064-3
    [166] Fatkenheuer G, Pozniak AL, Johnson MA, et al. (2005) Efficacy of short-term monotherapy with maraviroc, a new CCR5 antagonist, in patients infected with HIV-1. Nat Med 11: 1170–1172. doi: 10.1038/nm1319
    [167] Lu M, Wu B (2016) Structural studies of G protein-coupled receptors. IUBMB Life 68: 894–903. doi: 10.1002/iub.1578
    [168] Strotmann R, Schrock K, Boselt I, et al. (2011) Evolution of GPCR: change and continuity. Mol Cell Endocrinol 331: 170–178. doi: 10.1016/j.mce.2010.07.012
    [169] Ballesteros JA, Weinstein H (1995) Integrated methods for the construction of three-dimensional models and computational probing of structure-function relations in G protein-coupled receptors. Method Neurosci 25: 366–428. doi: 10.1016/S1043-9471(05)80049-7
    [170] Zhang D, Weinstein H (1994) Polarity conserved positions in transmembrane domains of G-protein coupled receptors and bacteriorhodopsin. FEBS Lett 337: 207–212. doi: 10.1016/0014-5793(94)80274-2
    [171] Katritch V, Fenalti G, Abola EE, et al. (2014) Allosteric sodium in class A GPCR signaling. Trends Biochem Sci 39: 233–244. doi: 10.1016/j.tibs.2014.03.002
    [172] Bjarnadottir TK, Geirardsdottir K, Ingemansson M, et al. (2007) Identification of novel splice variants of Adhesion G protein-coupled receptors. Gene 387: 38–48. doi: 10.1016/j.gene.2006.07.039
    [173] Lin HH, Chang GW, Davies JQ, et al. (2004) Autocatalytic cleavage of the EMR2 receptor occurs at a conserved G protein-coupled receptor proteolytic site motif. J Biol Chem 279: 31823–31832. doi: 10.1074/jbc.M402974200
    [174] Isberg V, Vroling B, Van DKR, et al. (2014) GPCRDB: an information system for G protein-coupled receptors. Nucleic Acids Res 42: D422–D425. doi: 10.1093/nar/gkt1255
    [175] Gasparini F, Kuhn R, Pin JP (2002) Allosteric modulators of group I metabotropic glutamate receptors: novel subtype-selective ligands and therapeutic perspectives. Curr Opin Pharmacol 2: 43–49. doi: 10.1016/S1471-4892(01)00119-9
    [176] Malherbe P, Kratochwil N, Zenner MT, et al. (2003) Mutational analysis and molecular modeling of the binding pocket of the metabotropic glutamate 5 receptor negative modulator 2-methyl-6-(phenylethynyl)-pyridine. Mol Pharmacol 64: 823–832. doi: 10.1124/mol.64.4.823
    [177] Litschig S, Gasparini F, Rueegg D, et al. (1999) CPCCOEt, a noncompetitive metabotropic glutamate receptor 1 antagonist, inhibits receptor signaling without affecting glutamate binding. Mol Pharmacol 55: 453–461.
    [178] Silve C, Petrel C, Leroy C, et al. (2005) Delineating a Ca2+ binding pocket within the venus flytrap module of the human calcium-sensing receptor. J Biol Chem 280: 37917–37923. doi: 10.1074/jbc.M506263200
    [179] Hermans E, Challiss RA (2001) Structural, signalling and regulatory properties of the group I metabotropic glutamate receptors: prototypic family C G-protein-coupled receptors. Biochem J 359: 465–484. doi: 10.1042/bj3590465
    [180] Nakanishi S (1992) Molecular diversity of glutamate receptors and implications for brain function. Science 258: 597–603. doi: 10.1126/science.1329206
    [181] Riedel G, Platt B, Micheau J (2003) Glutamate receptor function in learning and memory. Behav Brain Res 140: 1–47. doi: 10.1016/S0166-4328(02)00272-3
    [182] Kunishima N, Shimada Y, Tsuji Y, et al. (2000) Structural basis of glutamate recognition by a dimeric metabotropic glutamate receptor. Nature 407: 971–977. doi: 10.1038/35039564
    [183] Niswender CM, Conn PJ (2010) Metabotropic glutamate receptors: physiology, pharmacology, and disease. Annu Rev Pharmacol Toxicol 50: 295–322. doi: 10.1146/annurev.pharmtox.011008.145533
    [184] Bhanot P, Brink M, Samos CH, et al. (1996) A new member of the frizzled family from Drosophila functions as a Wingless receptor. Nature 382: 225–230. doi: 10.1038/382225a0
    [185] Murone M, Rosenthal A, de Sauvage FJ (1999) Sonic hedgehog signaling by the patched-smoothened receptor complex. Curr Biol 9: 76–84. doi: 10.1016/S0960-9822(99)80018-9
    [186] Chen CM, Strapps W, Tomlinson A, et al. (2004) Evidence that the cysteine-rich domain of Drosophila Frizzled family receptors is dispensable for transducing Wingless. Proc Natl Acad Sci USA 101: 15961–15966. doi: 10.1073/pnas.0407103101
    [187] Nakano Y, Nystedt S, Shivdasani AA, et al. (2004) Functional domains and sub-cellular distribution of the Hedgehog transducing protein Smoothened in Drosophila. Mech Dev 121: 507–518. doi: 10.1016/j.mod.2004.04.015
    [188] Isberg V, de Graaf C, Bortolato A, et al. (2015) Generic GPCR residue numbers-Aligning topology maps minding the gaps. Trends Pharmacol Sci 36: 22–31. doi: 10.1016/j.tips.2014.11.001
  • Reader Comments
  • © 2017 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)
通讯作者: 陈斌, bchen63@163.com
  • 1. 

    沈阳化工大学材料科学与工程学院 沈阳 110142

  1. 本站搜索
  2. 百度学术搜索
  3. 万方数据库搜索
  4. CNKI搜索

Metrics

Article views(13139) PDF downloads(1767) Cited by(65)

/

DownLoad:  Full-Size Img  PowerPoint
Return
Return

Catalog