Type-Based Proxy Re-encryption and Its Construction

Qiang Tang

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    1 Downloads (Pure)


    Recently, the concept of proxy re-encryption has been shown very useful in a number of applications, especially in enforcing access control policies. In existing proxy re-encryption schemes, the delegatee can decrypt all ciphertexts for the delegator after re-encryption by the proxy. Consequently, in order to implement fine-grained access control policies, the delegator needs to either use multiple key pairs or trust the proxy to behave honestly. In this paper, we extend this concept and propose type-based proxy re-encryption, which enables the delegator to selectively delegate his decryption right to the delegatee while only needs one key pair. As a result, type-based proxy re-encryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. We provide a security model for our concept and provide formal definitions for semantic security and ciphertext privacy which is a valuable attribute in privacy-sensitive contexts. We propose two type-based proxy re-encryption schemes: one is CPA secure with ciphertext privacy while the other is CCA secure without ciphertext privacy.
    Original languageUndefined
    Title of host publicationProgress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India
    Place of PublicationBerlin
    Number of pages15
    ISBN (Print)978-3-540-89753-8
    Publication statusPublished - Dec 2008
    Event9th International Conference on Cryptology, INDOCRYPT 2008 - Kharagpur, India
    Duration: 14 Dec 200817 Dec 2008

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag


    Conference9th International Conference on Cryptology, INDOCRYPT 2008
    OtherDecember 14-17, 2008


    • METIS-263987
    • SCS-Cybersecurity
    • EWI-15990
    • IR-67860

    Cite this