Article thumbnail

Unidirectional chosen-ciphertext secure proxy re-encryption

By Benoît Libert, D. Vergnaud and Public Key Cryptography - PKC 2008. 11th International Workshop on Practice and Theory in Public Key Cryptography


In 1998, Blaze, Bleumer, and Strauss proposed a cryptographic primitive called proxy re-encryption, in which a proxy transforms - without seeing the corresponding plaintext - a ciphertext computed under Alice's public key into one that can be opened using Bob's secret key. An appropriate definition of chosen-ciphertext security and a construction fitting this model were put forth by Canetti and Hohenberger. Their system is bidirectional: the information released to divert ciphertexts from Alice to Bob can also be used to translate ciphertexts in the opposite direction. In this paper, we present the first construction of unidirectional proxy re-encryption scheme with chosen- ciphertext security in the standard model (i.e. without relying on the random oracle idealization), which solves a problem left open at CCS'07. Our construction is efficient and requires a reasonable complexity assumption in bilinear map groups. Like the Canetti-Hohenberger scheme, it ensures security according to a relaxed definition of chosen-ciphertext introduced by Canetti, Krawczyk and Nielsen.Anglai

Publisher: 'Springer Science and Business Media LLC'
Year: 2008
DOI identifier: 10.1007/978-3-540-78440-1_21
OAI identifier:
Provided by: DIAL UCLouvain
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.