ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Improving the Security of an Efficient Unidirectional Proxy Re-Encryption Scheme
A proxy re-encryption (PRE) scheme allows a designatedproxy, that has beforehand received aso-called re-encryption key, to translate a ciphertext intended to one user to a ciphertext intendedto another one. Traditionally, the re-encryption key is generated at the initiative of the initialreceiver and ideally, no secret keys should be known to the proxy. Such scheme is said unidirec-tional if the transformation from one user to another does not necessarily imply the possibility tomake the inverse transformation. Regarding the literature on unidirectional proxy re-encryption, itseems hard to prove the strongest security level (namely indistinguishability under chosen cipher-text attacks -IND-CCA) of such schemes. Most of the time, PRE either reaches a chosen-plaintextsecurity or areplayableCCAsecurity. At Africacrypt 2010, Chow, Weng, Yang and Deng pro-posed a scheme that satisfiesCCAsecurity in the random oracle model. However, their modelcan actually be strengthen. Indeed, we show in this paper how to modify this scheme so that itsimproved security achieves a fullCCAsecurity. In particular, we now allow the adversary of theCCAsecurity for re-encryption to corrupt the useri′who is the initial receiver of the challengedciphertext and at the same time to obtain the re-encryption key fromi′to the targeted users. Theresulting scheme is therefore a fully secure PRE which doesnotrely on pairings, and secure in therandom oracle model. It can be implemented efficiently with any traditional modular arithmetic.