Paper 2018/840

Universal Proxy Re-Encryption

Nico Döttling and Ryo Nishimaki


We put forward the notion of universal proxy re-encryption (UPRE). A UPRE scheme enables a proxy to convert a ciphertext under a (delegator) public key of any existing public-key encryption (PKE) scheme into another ciphertext under a (delegatee) public key of any existing PKE scheme (possibly different from the delegator one). The proxy has a re-encryption key generated from the delegator's secret key and the delegatee public key. Thus UPRE generalizes proxy re-encryption by supporting arbitrary PKE schemes and allowing to convert ciphertexts into ones of possibly different PKE schemes. In this work, we - provide syntax and definitions for both UPRE and a variant we call relaxed UPRE. The relaxed variant means that decryption algorithms for re-encrypted ciphertexts are slightly modified but still only use the original delegatee secret keys for decryption. - construct a UPRE based on probabilistic indistinguishability obfuscation (PIO). It allows us to re-encrypt ciphertexts polynomially many times. - construct relaxed UPRE from garbled circuits (GCs). We provide two variants of this construction, one which allows us to re-encrypt ciphertexts polynomially many times, and a second one which satisfies a stronger security requirement but only allows us to re-encrypt ciphertexts a constant number of times.

Note: Full version.

Available format(s)
Public-key cryptography
Publication info
A major revision of an IACR publication in PKC 2021
universal proxy re-encryptionproxy re-encryptionpublic-key encryptionsecret sharing
Contact author(s)
ryo nishimaki @ gmail com
nico doettling @ gmail com
2021-03-02: last of 5 revisions
2018-09-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nico Döttling and Ryo Nishimaki},
      title = {Universal Proxy Re-Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2018/840},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.