On the Insecurity of an Identity Based Proxy Re-encryption Scheme

Authors:
Xu An Wang;Xiaoyuan Yang
Affiliations:
Key Laboratory of Information and Network Security, Engineering College of Chinese Armed Police Force Xi'an, 710086, P. R. China. E-mail: wangxahq@yahoo.com.cn;Key Laboratory of Information and Network Security, Engineering College of Chinese Armed Police Force Xi'an, 710086, P. R. China. E-mail: wangxahq@yahoo.com.cn
Venue:
Fundamenta Informaticae
Year:
2010

Citing 1
Cited 1

Improved proxy re-encryption schemes with applications to secure distributed storage

ACM Transactions on Information and System Security (TISSEC)

On the security of two multi-use CCA-secure proxy re-encryption schemes

International Journal of Intelligent Information and Database Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

At Pairing'07, Matsuo proposed two proxy re-encryption schemes: proxy re-encryption fromCBE to IBE and IBE to IBE. Now both schemes have been standardized by P1363.3workgroup. In this paper, we show that their identity based proxy re-encryption scheme is insecure. We give two attacks to this scheme. The first attack shows that the proxy can re-encrypt any IBE user's ciphertext to be the delegatee's ciphertext. The second attack implies that, if the proxy colludes with any delegatee, the proxy and this delegatee can derive any other IBE user's secret key.