Efficient Unidirectional Proxy Re-Encryption
نویسندگان
چکیده
Proxy re-encryption (PRE) allows a semi-trusted proxy to convert a ciphertext originally intended for Alice into one encrypting the same plaintext for Bob. The proxy only needs a re-encryption key given by Alice, and cannot learn anything about the plaintext encrypted. This adds flexibility in various applications, such as confidential email, digital right management and distributed storage. In this paper, we study unidirectional PRE, which the re-encryption key only enables delegation in one direction but not the opposite. In PKC 2009, Shao and Cao proposed a unidirectional PRE assuming the random oracle. However, we show that it is vulnerable to chosen-ciphertext attack (CCA). We then propose an efficient unidirectional PRE scheme (without resorting to pairings). We gain high efficiency and CCA-security using the “token-controlled encryption” technique, under the computational Diffie-Hellman assumption, in the random oracle model and a relaxed but reasonable definition.
منابع مشابه
Improving the Security of an Efficient Unidirectional Proxy Re-Encryption Scheme
A proxy re-encryption (PRE) scheme allows a designated proxy, that has beforehand received a so-called re-encryption key, to translate a ciphertext intended to one user to a ciphertext intended to another one. Traditionally, the re-encryption key is generated at the initiative of the initial receiver and ideally, no secret keys should be known to the proxy. Such scheme is said unidirectional if...
متن کاملAnalysis and Improvements of Several (H)IBS/IBSC/PRBE Schemes
Constructing efficient (Hierarchical) identity based signature/signcryption ((H)IBS/IBSC) schemes in the standard model with full security remain as open problems for a long time. Ren et al. constructed efficient (H)IBS/IBSC schemes with full security without random oracle in ISDPE’07 and Chinacrypt’08, . They claimed their schemes can be proved to simultaneously achieve high efficiency, short ...
متن کاملComments on Shao-Cao's Unidirectional Proxy Re-Encryption Scheme from PKC 2009
In Eurocrypt’98, Blaze, Bleumer and Strauss [4] introduced a primitive named proxy reencryption (PRE), in which a semi-trusted proxy can convert without seeing the plaintext a ciphertext originally intended for Alice into an encryption of the same message intended for Bob. PRE systems can be categorized into bidirectional PRE, in which the proxy can transform from Alice to Bob and vice versa, a...
متن کاملA unidirectional conditional proxy re-encryption scheme based on non-monotonic access structure
A unidirectional conditional proxy re-encryption scheme based on non-monotonic access structure Bin Wang Information Engineering College of Yangzhou University No.196 West HuaYang Road, Yangzhou City, Jiangsu Province, P.R.China E-mail: [email protected] Abstract: Recently, Fang et al. [6] introduced an interactive(bidirectional) conditional proxy re-encryption(C-PRE) scheme such that a proxy ca...
متن کاملChosen Public Key and Ciphertext Secure Proxy Re-encryption Schemes
A proxy re-encryption scheme enables a proxy to re-encrypt a ciphertext and designate it to a delegatee. Proxy re-encryption schemes have been found useful in many applications, including e-mail forwarding, law-enforcement monitoring, and content distribution. Libert and Vergnaud presented the first construction of unidirectional proxy re-encryption scheme with chosen ciphertext security in the...
متن کامل