Cryptology ePrint Archive: Report 2007/254

Fully Secure Proxy Re-Encryption without Random Oracles

Jun Shao and Zhenfu Cao and Licheng Wang and Xiaohui Liang

Abstract: In a proxy re-encryption scheme, a semi-trusted proxy, with some additional information, can transform a ciphertext under Alice's public key into a new ciphertext under Bob's public key on the same message, but cannot learn any information about the messages encrypted under the public key of either Alice or Bob. In this paper, we propose two new unidirectional proxy re-encryption schemes, where a proxy can transform a ciphertext for Alice into a new ciphertext for Bob, but not vice versa. Note that, unidirectional proxy re-encryption is more powerful than bidirectional one, since a bidirectional scheme can always be implemented by an unidirectional one. Furthermore, these two schemes can be proved \emph{in the standard model}, chosen-ciphertext secure based on Decisional Bilinear Inverse Diffie-Hellman assumption and master key secure based on Extended Discrete Logarithm assumption. To our best knowledge, our proposals are the first fully secure (CCA-secure and master key secure) proxy re-encryption schemes in the standard model.

Category / Keywords: public-key cryptography / proxy re-encryption

Date: received 26 Jun 2007, last revised 12 Jul 2007, withdrawn 28 Oct 2007

Contact author: chn junshao at gmail com

Available formats: (-- withdrawn --)

Note: Some typos are corrected. And delete the proof of the 1st scheme, and add a proof for the 3rd scheme.

Version: 20071029:055116 (All versions of this report)

Discussion forum: Show discussion | Start new discussion