Cryptology ePrint Archive: Report 2016/278

Various Proxy Re-Encryption Schemes from Lattices

Xiong Fan and Feng-Hao Liu

Abstract: Proxy re-encryption (PRE) was introduced by Blaze, Bleumer and Strauss [Eurocrypt '98]. Basically, PRE allows a semi-trusted proxy to transform a ciphertext encrypted under one key into an encryption of the same plaintext under another key, without revealing the underlying plaintext. Since then, many interesting applications have been explored, and many constructions in various settings have been proposed. In 2007, Cannetti and Honhenberger [CCS '07] defined a stronger notion -- CCA-security and construct a bi-directional PRE scheme. Later on, several work considered CCA-secure PRE based on bilinear group assumptions. Very recently, Kirshanova [PKC '14] proposed the first single-hop CCA-secure PRE scheme based on learning with errors (LWE) assumption.

In this work, we first point out a subtle but serious mistake in the security proof of the work by Kirshanova. This reopens the direction of lattice-based CCA-secure constructions, even in the single-hop setting. Then we propose a new LWE-based single-hop CCA-secure PRE scheme. Finally, we extend the construction to support multi-hop re-encryptions for different levels of security under different settings.

Category / Keywords: public-key cryptography /

Date: received 11 Mar 2016, last revised 25 May 2017

Contact author: xfan at cs cornell edu

Available format(s): PDF | BibTeX Citation

Note: This work is super-seeded by with additional results.

Version: 20170525:130812 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]