Journal of Cryptology

, Volume 24, Issue 4, pp 694–719 | Cite as

Securely Obfuscating Re-Encryption

  • Susan HohenbergerEmail author
  • Guy N. Rothblum
  • Abhi Shelat
  • Vinod Vaikuntanathan


We present a positive obfuscation result for a traditional cryptographic functionality. This positive result stands in contrast to well-known impossibility results (Barak et al. in Advances in Cryptology—CRYPTO’01, 2002), for general obfuscation and recent impossibility and implausibility (Goldwasser and Kalai in 46th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 553–562, 2005) results for obfuscation of many cryptographic functionalities.

Whereas other positive obfuscation results in the standard model apply to very simple point functions (Canetti in Advances in Cryptology—CRYPTO’97, 1997; Wee in 37th ACM Symposium on Theory of Computing (STOC), pp. 523–532, 2005), our obfuscation result applies to the significantly more complex and widely-used re-encryption functionality. This functionality takes a ciphertext for message m encrypted under Alice’s public key and transforms it into a ciphertext for the same message m under Bob’s public key.

To overcome impossibility results and to make our results meaningful for cryptographic functionalities, our scheme satisfies a definition of obfuscation which incorporates more security-aware provisions.

Key words

Obfuscation Re-encryption 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    G. Ateniese, K. Fu, M. Green, S. Hohenberger, Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1), 1–30 (2006) CrossRefGoogle Scholar
  2. [2]
    B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S.P. Vadhan, K. Yang, On the (im)possibility of obfuscating programs, in Advances in Cryptology—CRYPTO’01, ed. by J. Kilian. Lecture Notes in Computer Science, vol. 2139 (Springer, Berlin, 2001), pp. 1–18 Google Scholar
  3. [3]
    M. Blaze, M. Strauss, Atomic proxy cryptography. Technical report, AT&T Research (1997) Google Scholar
  4. [4]
    M. Blaze, G. Bleumer, M. Strauss, Divertible protocols and atomic proxy cryptography, in Advances in Cryptology—EUROCRYPT’98, ed. by K. Nyberg. Lecture Notes in Computer Science, vol. 1403 (Springer, Berlin, 1998), pp. 127–144 Google Scholar
  5. [5]
    D. Boneh, X. Boyen, H. Shacham, Short group signatures, in Advances in Cryptology—CRYPTO’04, ed. by M.K. Franklin. Lecture Notes in Computer Science, vol. 3152 (Springer, Berlin, 2004), pp. 41–55 Google Scholar
  6. [6]
    D. Boneh, A. Sahai, B. Waters, Fully collusion resistant traitor tracing with short ciphertexts and private keys, in Advances in Cryptology—EUROCRYPT’06, ed. by S. Vaudenay. Lecture Notes in Computer Science, vol. 4004 (Springer, Berlin, 2006), pp. 573–592 Google Scholar
  7. [7]
    R. Canetti, Towards realizing random oracles: Hash functions that hide all partial information, in Advances in Cryptology—CRYPTO’97, ed. by B.S. Kaliski Jr. Lecture Notes in Computer Science, vol. 1294 (Springer, Berlin, 1997), pp. 455–469 Google Scholar
  8. [8]
    R. Canetti, D. Micciancio, O. Reingold, Perfectly one-way probabilistic hash functions (preliminary version), in 30th Symposium on Theory of Computing (STOC) (ACM, New York, 1998), pp. 131–140 Google Scholar
  9. [9]
    Y. Dodis, A. Ivan, Proxy cryptography revisited, in 10th Network and Distributed System Security Symposium (NDSS), ed. by V. Gligor, M. Reiter. The Internet Society (2003) Google Scholar
  10. [10]
    Y. Dodis, A. Smith, Correcting errors without leaking partial information, in 37th ACM Symposium on Theory of Computing (STOC), ed. by H.N. Gabow, R. Fagin. (ACM, New York, 2005), pp. 654–663 Google Scholar
  11. [11]
    S.D. Galbraith, K.G. Paterson, N.P. Smart, Pairings for cryptographers. Cryptology ePrint Archive: Report 2006/165 (2006) Google Scholar
  12. [12]
    S. Goldwasser, Y.T. Kalai, On the impossibility of obfuscation with auxiliary input, in 46th IEEE Symposium on Foundations of Computer Science (FOCS), ed. by É. Tardos. (IEEE Comput. Soc., Los Alamitos, 2005), pp. 553–562 CrossRefGoogle Scholar
  13. [13]
    S. Goldwasser, S. Micali, Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984) MathSciNetzbMATHCrossRefGoogle Scholar
  14. [14]
    S. Hada, Zero-knowledge and code obfuscation, in Advances in Cryptology—ASIACRYPT’00, ed. by T. Okamoto. Lecture Notes in Computer Science, vol. 1976 (Springer, Berlin, 2000), pp. 443–457 Google Scholar
  15. [15]
    D. Hofheinz, J. Malone-Lee, M. Stam, Obfuscation for cryptographic purposes, in 4th Theory of Cryptography Conference (TCC), ed. by S.P. Vadhan. Lecture Notes in Computer Science, vol. 4392 (Springer, Berlin, 2007), pp. 214–232 Google Scholar
  16. [16]
    M. Mambo, E. Okamoto, Proxy cryptosystems: Delegation of the power to decrypt ciphertexts. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E80-A(1), 54–63 (1997) Google Scholar
  17. [17]
    R. Pass, Personal Communication (2006) Google Scholar
  18. [18]
    T. Smith, DVD Jon: buy DRM-less Tracks from Apple iTunes, 18 March, 2005.
  19. [19]
    L.G. Valiant, A theory of the learnable. Commun. ACM 27(11), 1134–1142 (1984) zbMATHCrossRefGoogle Scholar
  20. [20]
    H. Wee, On obfuscating point functions, in 37th ACM Symposium on Theory of Computing (STOC), ed. by H.N. Gabow, R. Fagin. (ACM, New York, 2005), pp. 523–532 Google Scholar

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Susan Hohenberger
    • 1
    Email author
  • Guy N. Rothblum
    • 2
  • Abhi Shelat
    • 3
  • Vinod Vaikuntanathan
    • 4
  1. 1.Johns Hopkins UniversityBaltimoreUSA
  2. 2.Princeton UniversityPrincetonUSA
  3. 3.University of VirginiaCharlottesvilleUSA
  4. 4.Microsoft Research RedmondRedmondUSA

Personalised recommendations