An Efficient Non-transferable Proxy Re-encryption Scheme

Proxy re-encryption (PRE) allows re-encryption of a ciphertext for Alice (delegator) into a ciphertext for Bob (delegatee) via a semi-trusted proxy, who should not obtain the underlying plaintext. Alice generates a re-encryption key (re-key) for the proxy using which, the proxy transforms the ciphertexts. The basic notion of PRE provides security against the proxy from learning anything about the encrypted message given the re-encryption key. However, this is not sufficient in all situations as the proxy can collude with Bob and re-delegate Alice’s decryption rights. Hence, non-transferability is a desirable property in real-time scenarios wherein an illegal attempt to transfer Alice’s decryption rights exposes Bob’s private key as a penalty. In Pairing 2010, Wang et al. presented a CPA secure non-transferable Identity Based PRE scheme in the random oracle model. However, we show that the scheme violates the non-transferable property. Also, we present the first construction of a non-transferable unidirectional PRE scheme in the PKI setting using bilinear maps which meets CCA security under a variant of the decisional Diffie-Hellman hardness assumption in the random oracle model.

[1]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[2]  C. Pandu Rangan,et al.  On the security of a Certificateless Proxy Re-Encryption Scheme without Pairing , 2017, IACR Cryptol. ePrint Arch..

[3]  Koji Okada,et al.  Unforgeability of Re-Encryption Keys against Collusion Attack in Proxy Re-Encryption , 2011, IWSEC.

[4]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[5]  C. Pandu Rangan,et al.  EFFICIENT CONDITIONAL PROXY RE- ENCRYPTION WITH CHOSEN CIPHER TEXT SECURITY , 2012 .

[6]  Benoît Libert,et al.  Unidirectional Chosen-Ciphertext Secure Proxy Re-Encryption , 2008, IEEE Transactions on Information Theory.

[7]  Benoît Libert,et al.  Tracing Malicious Proxies in Proxy Re-encryption , 2008, Pairing.

[8]  Keisuke Tanaka,et al.  Attacks to the Proxy Re-Encryption Schemes from IWSEC2011 , 2013, IWSEC.

[9]  Siu-Ming Yiu,et al.  Non-Transferable Proxy Re-Encryption Scheme , 2012, 2012 5th International Conference on New Technologies, Mobility and Security (NTMS).

[10]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[11]  Eiji Okamoto,et al.  New Identity-Based Proxy Re-encryption Schemes to Prevent Collusion Attacks , 2010, Pairing.

[12]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[13]  Robert H. Deng,et al.  Efficient Unidirectional Proxy Re-Encryption , 2010, AFRICACRYPT.

[14]  Jing Xu,et al.  Non-Transferable Proxy Re-Encryption , 2018, IACR Cryptol. ePrint Arch..