zbMATH — the first resource for mathematics

Unidirectional chosen-ciphertext secure proxy re-encryption. (English) Zbl 1162.94382
Cramer, Ronald (ed.), Public key cryptography – PKC 2008. 11th international workshop on practice and theory in public-key cryptography, Barcelona, Spain, March 9–12, 2008. Proceedings. Berlin: Springer (ISBN 978-3-540-78440-1/pbk). Lecture Notes in Computer Science 4939, 360-379 (2008).
Summary: M. Blaze, G. Bleumer and M. Strauss [Lect. Notes Comput. Sci. 1403, 127–144 (1998; Zbl 0929.68048)] proposed a cryptographic primitive called proxy re-encryption, in which a proxy transforms – without seeing the corresponding plaintext – a ciphertext computed under Alice’s public key into one that can be opened using Bob’s secret key. Recently, an appropriate definition of chosen-ciphertext security and a construction fitting this model were put forth by Canetti and Hohenberger. Their system is bidirectional: the information released to divert ciphertexts from Alice to Bob can also be used to translate ciphertexts in the opposite direction. In this paper, we present the first construction of unidirectional proxy re-encryption scheme with chosen-ciphertext security in the standard model (i.e. without relying on the random oracle idealization), which solves a problem left open at CCS 2007. Our construction is efficient and requires a reasonable complexity assumption in bilinear map groups. Like the Canetti-Hohenberger scheme, it ensures security according to a relaxed definition of chosen-ciphertext introduced by Canetti, Krawczyk and Nielsen.
For the entire collection see [Zbl 1130.94002].

94A60 Cryptography
94A62 Authentication, digital signatures and secret sharing
Full Text: DOI