Topic
Proxy re-encryption
About: Proxy re-encryption is a research topic. Over the lifetime, 708 publications have been published within this topic receiving 33624 citations.
Papers published on a yearly basis
Papers
More filters
01 Nov 2010
TL;DR: It is found that if the proxy having its own public/private key is allowed, then the proxy can not act as malicious as the proxy in the traditional PRE, which somewhat make the authentication on the re-encrypted ciphertext no necessary again.
Abstract: Proxy re-encryption (PRE) allows a ciphertext computed under Alice's public key to be transformed to those which can be decrypted by Bob. Since Blaze et al. introduced the concept of proxy re-encryption in Eurocrypt'98, there are many results on proxy re-encryption. However, all the proxy re-encryption schemes proposed until now assume the proxy having no its own public/private keys. In this paper, we investigate the benefits of proxy having its own public/private keys. We find that if we allow the proxy having its own public/private key, then the proxy can not act as malicious as the proxy in the traditional PRE. The proxy can be trusted to sign on the re-encrypted ciphertext, which somewhat make the authentication on the re-encrypted ciphertext no necessary again. Based on this observation, we give two proposals to try to solve two open problems in the PRE field.
4 citations
11 Sep 2009
TL;DR: Surprisingly, if the help of PKG, then it is easy to construct proxy re-encryption based on SK identity based encryption, and the scheme even can achieve CCA2 secure, which makes it is unique.
Abstract: In 1998, Blaze, Bleumer, and Strauss proposed a kind of cryptographic primitive called proxy re-encryption. In proxy re-encryption, a proxy can transform a ciphertext computed under Alice's public key into one that can be opened under Bob's decryption key. They predicated that proxy re-encryption and re-signature will play an important role in our life. In 2007, Matsuo proposed the concept of four types of re-encryption schemes: CBE to IBE(type 1), IBE to IBE(type 2), IBE to CBE (type 3), CBE to CBE (type 4 ). Now CBE to IBE and IBE to IBE proxy re-encryption schemes are being standardized by IEEEP1363.3 working group. One feature of proxy re-encryption schemes proposed by Matsuo is that they are all based on BB1 identity based encryption.We ask question like this: can we construct proxy re-encryption schemes based on BB2 identity based encryption? We give affirmative answer to this question. We construct an IBE to IBE proxy re-encryption scheme based on BB2 with the help of PKG and prove its security in the standard model.
4 citations
03 Dec 2011
TL;DR: To construct a concrete KPRE scheme, the k-times signature and Libert et al's IND-RCCA PRE scheme in PKC'08 are combined and the public/private key is added to the proxy.
Abstract: The traditional proxy re-encryption (PRE) or conditional proxy re-encryption (CPRE) can re-encrypt infinite times on the delegator's cipher text. However many practical applications do not need this property, they prefer the delegator can control on the times the proxy can re-encrypt. In this paper, we introduce a new kind of proxy re-encryption: k-times proxy re-encryption (KPRE). To construct a concrete KPRE scheme, we add public/private key to the proxy. In k-times proxy re-encryption, the proxy can only re-encrypt k times, otherwise the proxy's private key will be exposed. We construct a concrete IND-RCCA secure KPRE scheme by combining the k-times signature and Libert et al's IND-RCCA PRE scheme in PKC'08.
4 citations
05 Nov 2016
TL;DR: An improved scheme is proposed, which is secure against collusion attack and chosen ciphertext attack in the standard model and claimed that their scheme can resist against the collusion attack is incorrect.
Abstract: An identity-based proxy re-encryption scheme allows a semi-trusted proxy to convert an encryption under Alice’s identity into the encryption under Bob’s identity. The proxy does not know the secret key of Alice or Bob, neither does the plaintext during the conversion. In an identity-based proxy re-encryption scheme, the collusion of the proxy and a delegatee may decrypt the ciphertext for a delegator if the ciphertext is re-encrypted. So it is important to resist the collusion attack in the identity-based proxy re-encryption scheme. In 2015, Qiu et al. pro-posed an identity-based proxy re-encryption without random oracles, and claimed that their scheme can resist against the collusion attack. However, we analyze the security of Qiu et al.’s scheme and show that the claim is incorrect. In this paper, we propose an improved scheme, which is secure against collusion attack and chosen ciphertext attack in the standard model.
4 citations
13 Oct 2017
TL;DR: This work designs a proxy re-encryption scheme which relaxes the proxy invisibility property, and makes it possible to publicly verify whether a given ciphertext is direct or re-encrypted for a particular user.
Abstract: Proxy re-encryption is a cryptographic primitive used to transform a ciphertext under one public key such that it becomes a ciphertext under another public key using a re-encryption key. Proxy invisibility is a desirable property of a proxy re-encryption scheme. This requires the ciphertexts directly intended for a recipient be indistinguishable from those re-encrypted for the same recipient. However, there may arise a situation where direct and re-encrypted ciphertexts need to be processed differently by a recipient. In such cases, it should be verifiable without decryption whether the ciphertext received is a direct or a re-encrypted ciphertext. Towards this, we design a proxy re-encryption scheme which relaxes the proxy invisibility property. With the proposed scheme, it is possible to publicly verify whether a given ciphertext is direct or re-encrypted for a particular user. This public verification does not fail even if anyone with malicious intent modifies the ciphertext.
4 citations