Cryptology ePrint Archive: Report 2015/822

Efficiently Obfuscating Re-Encryption Program under DDH Assumption

Akshayaram Srinivasan and C. Pandu Rangan

Abstract: A re-encryption program (or a circuit) converts a ciphertext encrypted under Alice's public key pk_1 to a ciphertext of the same message encrypted under Bob's public key pk_2. Hohenberger et al. (TCC 2007) constructed a pairing-based obfuscator for a family of circuits implementing the re-encryption functionality under a new notion of obfuscation called as average-case secure obfuscation. Chandran et al. (PKC 2014) proposed a lattice-based construction for the same.

The construction given by Hohenberger et al. could only support encryptions of messages from a polynomial space and the decryption algorithm would have to perform a polynomial number of pairing operations in the worst case. The construction given by Chandran et al. satisfies only a relaxed notion of correctness.

In this work, we propose a simple and efficient obfuscator for the re-encryption functionality which not only supports encryption of messages from an exponential space but also involves only a constant number of group operations. Besides, our construction satisfies the strongest notion of correctness given by Hada (Eurocrypt 2010). We also strengthen the black-box security model for encryption - re-encryption system proposed by Hohenberger et al. and prove the average-case virtual black box property of our obfuscator as well as the security of our encryption - re-encryption system (in the strengthened model) under the DDH assumption. All our proofs are in the standard model.

Category / Keywords: foundations /

Date: received 20 Aug 2015

Contact author: akshayaram at berkeley edu

Available format(s): PDF | BibTeX Citation

Version: 20150821:142436 (All versions of this report)

Short URL: ia.cr/2015/822

Discussion forum: Show discussion | Start new discussion