Unforgeability of re-encryption keys against collusion attack in proxy re-encryption

  • Authors:
  • Ryotaro Hayashi;Tatsuyuki Matsushita;Takuya Yoshida;Yoshihiro Fujii;Koji Okada

  • Affiliations:
  • Toshiba Corporation, Kawasaki-Shi, Kanagawa, Japan;Toshiba Corporation, Kawasaki-Shi, Kanagawa, Japan;Toshiba Solutions Corporation, Fuchu-Shi, Tokyo, Japan;Toshiba Solutions Corporation, Fuchu-Shi, Tokyo, Japan;Toshiba Solutions Corporation, Fuchu-Shi, Tokyo, Japan

  • Venue:
  • IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

Proxy re-encryption (PRE) allows a proxy to convert a ciphertext encrypted for Alice (delegator) into a ciphertext for Bob (delegatee) by using a re-encryption key generated by Alice. In PRE, non-transferability is a desirable property that colluding proxies and delegatees cannot re-delegate decryption rights to a malicious user. However, it seems to be very difficult to directly construct a nontransferable PRE scheme albeit such attempts as in [9,15,8]. In this paper, we discuss the non-transferability and introduce a relaxed notion of the nontransferability, the unforgeability of re-encryption keys against collusion attack (UFReKey-CA), as one approach toward the non-transferability. We then propose two concrete constructions of PRE without random oracles that meet replayable-CCA security and UFReKey-CA assuming the q-wDBDHI and a variant of DHI problems are hard. Although the proposed schemes are partial solutions to non-transferable PRE, we believe that the results are significant steps toward the non-transferability.