Non-Transferable Proxy Re-Encryption Scheme

A proxy re-encryption (PRE) scheme allows a proxy to re-encrypt a ciphertext for Alice (delegator) to a ciphertext for Bob (delegatee) without seeing the underlying plaintext. However, existing PRE schemes generally suffer from at least one of the followings. Some schemes fail to provide the non-transferable property in which the proxy and the delegatee can collude to further delegate the decryption right to anyone. This is the main open problem left for PRE schemes. Other schemes assume the existence of a fully trusted private key generator (PKG) to generate the re-encryption key to be used by the proxy for re-encrypting a given ciphertext for a target delegatee. But this poses two problems in PRE schemes if the PKG is malicious: the PKG in their schemes may decrypt both original ciphertexts and re-encrypted ciphertexts (referred as the key escrow problem); and the PKG can generate reencryption key for arbitrary delegatees without permission from the delegator (we refer to it as the PKG despotism problem). In this paper, we propose the first non-transferable proxy re-encryption scheme which successfully achieves the nontransferable property. We show that the new scheme solved the PKG despotism problem and key escrow problem as well.

[1]  Toshihiko Matsuo,et al.  Proxy Re-encryption Systems for Identity-Based Encryption , 2007, Pairing.

[2]  Benoît Libert,et al.  Tracing Malicious Proxies in Proxy Re-encryption , 2008, Pairing.

[3]  Yevgeniy Dodis,et al.  Proxy cryptography revisted , 2003 .

[4]  Siu-Ming Yiu,et al.  Non-Transferable Proxy Re-Encryption Scheme for Data Dissemination Control , 2010, IACR Cryptol. ePrint Arch..

[5]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[6]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[7]  Yevgeniy Dodis,et al.  Proxy Cryptography Revisited , 2003, NDSS.

[8]  Xiaoyuan Yang,et al.  Identity based broadcast encryption based on one to many identity based proxy re-encryption , 2009, 2009 2nd IEEE International Conference on Computer Science and Information Technology.

[9]  Xu An Wang,et al.  Proxy Re-encryption Scheme from IBE to CBE , 2009, 2009 First International Workshop on Database Technology and Applications.

[10]  Xu An Wang,et al.  Proxy re-encryption scheme based on BB2 identity based encryption , 2009, 2009 2nd IEEE International Conference on Computer Science and Information Technology.

[11]  Koji Okada,et al.  Unforgeability of Re-Encryption Keys against Collusion Attack in Proxy Re-Encryption , 2011, IWSEC.

[12]  Xu An Wang,et al.  How to Solve Key Escrow Problem in Proxy Re-encryption from CBE to IBE , 2009, 2009 First International Workshop on Database Technology and Applications.

[13]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[14]  Xu An Wang,et al.  On the Role of PKG for Proxy Re-encryption in Identity Based Setting , 2008, IACR Cryptol. ePrint Arch..