Paper 2013/318

Fully-Anonymous Functional Proxy-Re-Encryption

Yutaka Kawai and Katsuyuki Takashima

Abstract

In this paper, we introduce a general notion of functional proxy-re-encryption (F-PRE), where a wide class of functional encryption (FE) is combined with proxy-re-encryption (PRE) mechanism. The PRE encryption system should reveal {\em minimal} information to a proxy, in particular, hiding parameters of re-encryption keys and of original ciphertexts which he manipulate is highly desirable. We first formulate such a {\em fully-anonymous} security notion of F-PRE including usual payload-hiding properties. We then propose the first fully-anonymous inner-product PRE (IP-PRE) scheme, whose security is proven under the DLIN assumption and the existence of a strongly unforgeable one-time signature scheme in the standard model. Also, we propose the first ciphertext-policy F-PRE scheme with the access structures of Okamoto-Takashima (CRYPTO 2010), which also has an anonymity property for re-encryption keys as well as payload-hiding for original and re-encrypted ciphertexts. The security is proven under the same assumptions as the above IP-PRE scheme in the standard model. For these results, we develop novel {\em blind delegation} and {\em subspace insulation for re-enc key basis} techniques on the dual system encryption (DSE) paradigm and the dual pairing vector spaces (DPVS) approach. These techniques seem difficult to be realized by a {\em composite-order} bilinear group DSE approach.