Abstract

Proxy re-encryption (PRE) securely enables the re-encryption of ciphertexts from one key to another, without relying on trusted parties, i.e., it offers delegation of decryption rights. PRE allows a semi-trusted third party termed as a “proxy” to securely divert encrypted files of a user (delegator) to another user (delegatee) without revealing any information about the underlying files to the proxy. Whereas, Proxy re-signature (PRS) allows a semi-trusted proxy to convert a signature of a user (delegatee) into a signature of another user (delegator) on the same message, but the proxy cannot produce new valid signature on new messages for either delegator or delegatee. To eliminate the necessity of having a costly certificate verification process, Green and Ateniese [18] introduced an identitybased PRE (IB-PRE) and Shao et al. [32] introduced an identity-based PRS (IB-PRS). The potential applicability of IB-PRE and IB-PRS leads to intensive research from its first instantiations. Unfortunately, till today, there is no unidirectional IB-PRE and IB-PRS secure in the standard model, which can withstand quantum attack. In this paper, we provide, for the first time, concrete constructions of unidirectional IB-PRE and IB-PRS which are secure in standard model based on the hardness of learning with error problem and small integer solution problem, respectively. Our technique is to use the novel trapdoor delegation technique of Micciancio and Peikert. The way we use trapdoor delegation technique may prove useful for functionalities other than PRE and PRS as well.