CCA Proxy Re-Encryption without Bilinear Maps in the Standard Model

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6056)


Proxy re-encryption (PRE) is a cryptographic application proposed by Blaze, Bleumer, and Strauss. It is an encryption system with a special property in which the semi-honest third party, the proxy, can re-encrypt ciphertexts for Alice into other ciphertexts for Bob without using Alice’s secret key. We can classify PRE into bidirectional and unidirectional schemes. Canetti and Hohenberger formalized the semantic security under chosen ciphertext attack for PRE, the PRE-CCA security. Several schemes satisfy the PRE-CCA security as a bidirectional or unidirectional scheme. However, some PRE schemes need a bilinear map in the standard model, and the other PRE schemes are PRE-CCA secure in the random oracle model before our work. In this paper, we construct a bidirectional PRE-CCA proxy re-encryption without bilinear maps in the standard model. We study lossy trapdoor functions (LTDFs) based on the decisional Diffie-Hellman (DDH) assumption proposed by Peikert and Waters. We define a new variant of LTDFs, re-applicable LTDFs, which are specialized LTDFs for PRE, and use them for our scheme.


Random Oracle Model Public Parameter Challenge Ciphertext Decryption Oracle Trapdoor Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ateniese, G., Benson, K., Hohenberger, S.: Key-Private Proxy Re-encryption. In: Fischlin, M. (ed.) RSA Conference 2009. LNCS, vol. 5473, pp. 279–294. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. In: Network and Distributed System Security Symposium, NDSS. The Internet Society (2005)Google Scholar
  3. 3.
    Bellare, M., Hofheinz, D., Yilek, S.: Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 1–35. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Blaze, M., Bleumer, G., Strauss, M.: Divertible Protocols and Atomic Proxy Cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  5. 5.
    Boldyreva, A., Fehr, S., O’Neill, A.: On Notions of Security for Deterministic Encryption, and Efficient Constructions without Random Oracles. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 335–359. Springer, Heidelberg (2008)Google Scholar
  6. 6.
    Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Ning, P., di Vimercati, S.D.C., Syverson, P.F. (eds.) ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, Octorber 2007, pp. 185–194. ACM, New York (2007)Google Scholar
  7. 7.
    Deng, R.H., Weng, J., Liu, S., Chen, K.: Chosen-Ciphertext Secure Proxy Re-encryption without Pairings. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 1–17. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Freeman, D.M., Goldreich, O., Kiltz, E., Rosen, A., Segev, G.: More Constructions of Lossy and Correlation-Secure Trapdoor Functions. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 279–295. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Hohenberger, S., Rothblum, G.N., Shelat, A., Vaikuntanathan, V.: Securely Obfuscating Re-encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 233–252. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Ivan, A., Dodis, Y.: Proxy Cryptography Revisited. In: NDSS, The Internet Society (2003)Google Scholar
  11. 11.
    Khurana, H., Heo, J., Pant, M.: From Proxy Encryption Primitives to a Deployable Secure-Mailing-List Solution. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 260–281. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Libert, B., Vergnaud, D.: Unidirectional Chosen-Ciphertext Secure Proxy Re-encryption. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 360–379. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  13. 13.
    Mambo, M., Okamoto, E.: Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts. IEICE transactions on fundamentals of electronics, Communications and computer sciences 80(1), 54–63 (1997)Google Scholar
  14. 14.
    Mol, P., Yilek, S.: Chosen-Ciphertext Security from Slightly Lossy Trapdoor Functions. In: PKC (2010)Google Scholar
  15. 15.
    Naor, M., Yung, M.: Public-key Cryptosystems Provably Secure against Chosen Ciphertext Attacks. In: STOC, New Orleans, Louisiana, USA, May 1990, pp. 427–437. ACM, New York (1990)Google Scholar
  16. 16.
    Nishimaki, R., Fujisaki, E., Tanaka, K.: Efficient Non-interactive Universally Composable String-Commitment Schemes. In: Pieprzyk, J., Zhang, F. (eds.) ProvSec 2009. LNCS, vol. 5848, pp. 3–18. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  17. 17.
    Peikert, C., Waters, B.: Lossy Trapdoor Functions and Their Applications. In: Ladner, R.E., Dwork, C. (eds.) STOC, Victoria, British Columbia, Canada, May 2008, pp. 187–196. ACM, New York (2008)Google Scholar
  18. 18.
    Rosen, A., Segev, G.: Efficient Lossy Trapdoor Functions based on the Composite Residuosity Assumption. Cryptology ePrint Archive, Report 2008/134 (2008),
  19. 19.
    Rosen, A., Segev, G.: Chosen-Ciphertext Security via Correlated Products. In: Reingold, O. (ed.) Theory of Cryptography. LNCS, vol. 5444, pp. 419–436. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  20. 20.
    Shao, J., Cao, Z.: CCA-Secure Proxy Re-encryption without Pairings. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 357–376. Springer, Heidelberg (2009)Google Scholar
  21. 21.
    Taban, G., Cárdenas, A.A., Gligor, V.D.: Towards a secure and interoperable DRM architecture. In: Yung, M., Kurosawa, K., Safavi-Naini, R. (eds.) Digital Rights Management Workshop, pp. 69–78. ACM, New York (2006)CrossRefGoogle Scholar
  22. 22.
    Weng, J., Chow, S.S., Yang, Y., Deng, R.H.: Efficient Unidirectional Proxy Re-Encryption. Cryptology ePrint Archive, Report 2009/189 (2009),
  23. 23.
    Zhang, X., Chen, M.-R., Li, X.: Comments on Shao-Cao’s Unidirectional Proxy Re-Encryption Scheme from PKC 2009. Cryptology ePrint Archive, Report 2009/344 (2009),

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  1. 1.Department of Mathematical and Computing SciencesTokyo Institute of TechnologyTokyoJapan
  2. 2.NTT LaboratoriesTokyoJapan

Personalised recommendations