Proxy re-encryption realizes delegation of decryption rights, enabling a proxy holding a re-encryption key to convert a ciphertext originally intended for Alice into an encryption of the same message for Bob. Proxy re-encryption is a very useful primitive, having many applications in distributed file systems, outsourced filtering of encrypted spam, access control over network storage, and so on. Lately, Weng et al. proposed the first unidirectional proxy re-encryption scheme without using bilinear pairs. However, Weng et al.'s construction does not possess collusion resilience, in the sense that a coalition of the proxy and the delegatee can recover the delegator's private key. This is a serious weakness, since a user's private key should be strictly not revealed in any case. In this work, we present a scheme solving this problem, based on Weng et al.'s construction. We further extend our scheme to address several drawbacks inherent in virtually all existing proxy re-encryption schemes.
Proxy re-encryption, bilinear pairing, chosen-ciphertext security
Information Security and Trust
Weng, Jian; DENG, Huijie, Robert; Liu, Shengli; and Chen, Kefei.
Chosen-ciphertext secure bidirectional proxy re-encryption schemes without pairings. (2010). Information Sciences. 180, (24), 5077-5089. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1303
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.