Paper 2022/637

Conditional Attribute-Based Proxy Re-Encryption: Definitions and Constructions from LWE

Abstract

Attribute-based proxy re-encryption (AB-PRE) is one of the essential variants for proxy re-encryption. It allows a proxy with a re-encryption key to transform a ciphertext associated with an access policy and decryptable by a delegator into another ciphertext associated with a new access policy, thereafter other delegatees can decrypt. However, with AB-PRE, the proxy is to switch the underlying policies of all ciphertexts indiscriminately. The delegator cannot decide which ciphertext would be transformed, taking no flexibility in controlling it for real use. In this paper, we propose a notion of Conditional AB-PRE (CAB-PRE), supporting completely fine-grained control for ciphertexts, in both decryption and delegation. In CAB-PRE, the proxy can convert the underlying policy of a ciphertext only if this ciphertext satisfies a specific condition set by the delegator in the re-encryption key. We formalize the security of this notion in the honest re-encryption attacks (HRA) setting, and present a concrete construction secure under adaptive corruptions in the standard model. As a building block, we design an adaptively HRA-secure (ciphertext-policy) AB-PRE based on the learning with errors (LWE) problem, which solves an open problem left by Susilo et al. in ESORICS '21. Finally, we introduce a well-matched conditional delegation tailored to inner-product predicates and integrate it into this AB-PRE to derive our HRA-secure CAB-PRE scheme.