Recently, the concept of proxy re-encryption has been shown very useful in a number of applications, especially in enforcing access control policies. In existing proxy re-encryption schemes, the delegatee can decrypt all ciphertexts for the delegator after re-encryption by the proxy. Consequently, in order to implement fine-grained access control policies, the delegator needs to either use multiple key pairs or trust the proxy to behave honestly. In this paper, we extend this concept and propose type-based proxy re-encryption, which enables the delegator to selectively delegate his decryption right to the delegatee while only needs one key pair. As a result, type-based proxy re-encryption enables the delegator to implement fine-grained policies with one key pair without any additional trust on the proxy. We provide a security model for our concept and provide formal definitions for semantic security and ciphertext privacy which is a valuable attribute in privacy-sensitive contexts. We propose two type-based proxy re-encryption schemes: one is CPA secure with ciphertext privacy while the other is CCA secure without ciphertext privacy.
|Title of host publication||Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India|
|Place of Publication||Berlin|
|Number of pages||15|
|Publication status||Published - Dec 2008|
|Name||Lecture Notes in Computer Science|
Tang, Q. (2008). Type-Based Proxy Re-encryption and Its Construction. In Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India (pp. 130-144). (Lecture Notes in Computer Science; Vol. 5365). Berlin: Springer. https://doi.org/10.1007/978-3-540-89754-5_11