Paper 2005/028

Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage

Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger


In 1998, Blaze, Bleumer, and Strauss (BBS) proposed an application called atomic proxy re-encryption, in which a semi-trusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. We predict that fast and secure re-encryption will become increasingly popular as a method for managing encrypted file systems. Although efficiently computable, the wide-spread adoption of BBS re-encryption has been hindered by considerable security risks. Following recent work of Ivan and Dodis, we present new re-encryption schemes that realize a stronger notion of security and we demonstrate the usefulness of proxy re-encryption as a method of adding access control to the SFS read-only file system. Performance measurements of our experimental file system demonstrate that proxy re-encryption can work effectively in practice.

Available format(s)
Publication info
Published elsewhere. Originally published in proceedings of NDSS 2005, journal version to appear in ACM TISSEC.
Contact author(s)
ateniese @ cs jhu edu
2006-01-11: last of 3 revisions
2005-02-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Giuseppe Ateniese and Kevin Fu and Matthew Green and Susan Hohenberger},
      title = {Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage},
      howpublished = {Cryptology ePrint Archive, Paper 2005/028},
      year = {2005},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.