Abstract

Blaze, Bleumer and Strauss introduced the notion of proxy re-encryption (PRE), a cryptographic primitive that enables a semi-trusted proxy to transform ciphertexts under the public key of a user (delegator) into ciphertexts under the public key of another user (delegatee). The important property to note here is, the proxy should not learn anything about the plaintext encrypted. In 2009, Weng et al: introduced the concept of conditional proxy re-encryption (CPRE), which permits the proxy to re-encrypt only ciphertexts satisfying a condition specified by the delegator into a ciphertext for the delegatee. CPRE enables fine-grained delegation of decryption rights useful in many practical scenarios, such as blockchain-enabled distributed cloud storage and encrypted email forwarding. Several CPRE schemes exist in the literature based on costly bilinear pairing operation in the random oracle model. We propose the first construction of an efficient CPRE scheme without pairing, satisfying chosen ciphertext security under the computational Diffie Hellman (CDH) assumption and its variant in the random oracle model.