Paper 2015/112

Re-encryption Verifiability: How to Detect Malicious Activities of a Proxy in Proxy Re-encryption

Satsuya Ohata, Yutaka Kawai, Takahiro Matsuda, Goichiro Hanaoka, and Kanta Matsuura


In this paper, we introduce a new functionality for proxy re-encryption (PRE) that we call re-encryption verifiability. In a PRE scheme with re-encryption verifiability (which we simply call verifiable PRE, or VPRE), a receiver of a re-encrypted ciphertext can verify whether the received ciphertext is correctly transformed from an original ciphertext by a proxy, and thus can detect illegal activities of the proxy. We formalize the security model for a VPRE scheme, and show that the single-hop uni-directional PRE scheme by Hanaoka et al. (CT-RSA 2012) can be extended to a secure VPRE scheme.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Major revision. CT-RSA 2015
Proxy Re-encryptionRe-encryption VerifiabilitySoundness
Contact author(s)
satsuya @ iis u-tokyo ac jp
2015-02-24: received
Short URL
Creative Commons Attribution


      author = {Satsuya Ohata and Yutaka Kawai and Takahiro Matsuda and Goichiro Hanaoka and Kanta Matsuura},
      title = {Re-encryption Verifiability: How to Detect Malicious Activities of a Proxy in Proxy Re-encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2015/112},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.