Paper 2016/278

Various Proxy Re-Encryption Schemes from Lattices

Xiong Fan and Feng-Hao Liu


Proxy re-encryption (PRE) was introduced by Blaze, Bleumer and Strauss [Eurocrypt '98]. Basically, PRE allows a semi-trusted proxy to transform a ciphertext encrypted under one key into an encryption of the same plaintext under another key, without revealing the underlying plaintext. Since then, many interesting applications have been explored, and many constructions in various settings have been proposed. In 2007, Cannetti and Honhenberger [CCS '07] defined a stronger notion -- CCA-security and construct a bi-directional PRE scheme. Later on, several work considered CCA-secure PRE based on bilinear group assumptions. Very recently, Kirshanova [PKC '14] proposed the first single-hop CCA-secure PRE scheme based on learning with errors (LWE) assumption. In this work, we first point out a subtle but serious mistake in the security proof of the work by Kirshanova. This reopens the direction of lattice-based CCA-secure constructions, even in the single-hop setting. Then we propose a new LWE-based single-hop CCA-secure PRE scheme. Finally, we extend the construction to support multi-hop re-encryptions for different levels of security under different settings.

Note: This work is super-seeded by with additional results.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
Contact author(s)
xfan @ cs cornell edu
2017-05-25: last of 2 revisions
2016-03-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Xiong Fan and Feng-Hao Liu},
      title = {Various Proxy Re-Encryption Schemes from Lattices},
      howpublished = {Cryptology ePrint Archive, Paper 2016/278},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.