Securely Obfuscating Re-encryption

  • Susan Hohenberger
  • Guy N. Rothblum
  • abhi shelat
  • Vinod Vaikuntanathan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4392)


We present the first positive obfuscation result for a traditional cryptographic functionality. This positive result stands in contrast to well-known negative impossibility results [BGI + 01] for general obfuscation and recent negative impossibility and improbability [GK05] results for obfuscation of many cryptographic functionalities.

Whereas other positive obfuscation results in the standard model apply to very simple point functions, our obfuscation result applies to the significantly more complicated and widely-used re-encryption functionality. This functionality takes a ciphertext for message m encrypted under Alice’s public key and transforms it into a ciphertext for the same message m under Bob’s public key.

To overcome impossibility results and to make our results meaningful for cryptographic functionalities, we use a new definition of obfuscation. This new definition incorporates more security-aware provisions.


Encryption Scheme Auxiliary Input Cryptographic Scheme Oracle Access Random Circuit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AFGH06]
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved Proxy Re-encryption Schemes with Applications to Secure Distributed Storage. ACM Trans. on Information and System Security 9(1), 1–30 (2006), Previously in NDSS, pages 29-43, 2005CrossRefGoogle Scholar
  2. [AW05]
    Adida, B., Wikström, D.: How to shuffle in public. Cryptology ePrint Archive, Report, 2005/394 (2005),
  3. [BBS98]
    Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  4. [BBS04]
    Boneh, D., Boyen, X., Shacham, H.: Short Group Signatures Using Strong Diffie Hellman. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  5. [BGI+01]
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. [BS97]
    Matt Blaze and Martin Strauss. Atomic proxy cryptography. Technical report, AT&T Research (1997)Google Scholar
  7. [BSW06]
    Boneh, D., Sahai, A., Waters, B.: Fully collusion resistant traitor tracing with short ciphertexts and private keys. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 573–592. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. [Can97]
    Canetti, R.: Towards realizing random oracles: Hash functions that hide all partial information. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 455–469. Springer, Heidelberg (1997)Google Scholar
  9. [CMR98]
    Canetti, R., Micciancio, D., Reingold, O.: Perfectly one-way probabilistic hash functions (preliminary version). In: STOC, pp. 131–140 (1998)Google Scholar
  10. [DI03]
    Dodis, Y., Ivan, A.: Proxy cryptography revisited. In: NDSS (2003)Google Scholar
  11. [DS05]
    Dodis, Y., Smith, A.: Correcting errors without leaking partial information. In: STOC ’05, pp. 654–663 (2005)Google Scholar
  12. [GK05]
    Goldwasser, S., Tauman Kalai, Y.: On the impossibility of obfuscation with auxiliary input. In: FOCS ’05, pp. 553–562 (2005)Google Scholar
  13. [GM84]
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984), Previously in STOC, pp. 365-377, 1982zbMATHCrossRefMathSciNetGoogle Scholar
  14. [GPS06]
    Steven, D., Galbraith, K.G.: Paterson, and Nigel P. Smart. Pairings for cryptographers. Cryptology ePrint Archive: Report 2006/165 (2006)Google Scholar
  15. [Had00]
    Hada, S.: Zero-knowledge and code obfuscation. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 443–457. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  16. [MO97]
    Masahiro Mambo and Eiji Okamoto. Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts. IEICE Trans. Fund. Electronics Communications and Computer Science E80-A/1, 54–63 (1997)Google Scholar
  17. [OS05]
    Ostrovsky, R., Skeith III., W.E.: Private searching on streaming data. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 223–240. Springer, Heidelberg (2005)Google Scholar
  18. [Pas06]
    Pass, R.: Personal Communication (2006)Google Scholar
  19. [Smi05]
    Smith, T.: DVD Jon: buy DRM-less Tracks from Apple iTunes, March 18 (2005),
  20. [Wee05]
    Wee, H.: On obfuscating point functions. In: STOC, pp. 523–532 (2005)Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Susan Hohenberger
    • 1
    • 2
  • Guy N. Rothblum
    • 3
  • abhi shelat
    • 2
  • Vinod Vaikuntanathan
    • 3
  1. 1.Johns Hopkins University 
  2. 2.IBM Zurich Research 
  3. 3.MIT CSAIL 

Personalised recommendations