## CryptoDB

### Paper: Chosen-Ciphertext Secure Proxy Re-Encryption

Authors: Ran Canetti Susan Hohenberger URL: http://eprint.iacr.org/2007/171 Search ePrint Search Google In a proxy re-encryption (PRE) scheme, a proxy is given special information that allows it to translate a ciphertext under one key into a ciphertext of the same message under a different key. The proxy cannot, however, learn anything about the messages encrypted under either key. PRE schemes have many practical applications, including distributed storage, email, and DRM. Previously proposed re-encryption schemes achieved only semantic security; in contrast, applications often require security against chosen ciphertext attacks. We propose a definition of security against chosen ciphertext attacks for PRE schemes, and present a scheme that satisfies the definition. Our construction is efficient and based only on the Decisional Bilinear Diffie-Hellman assumption in the standard model. We also formally capture CCA security for PRE schemes via both a game-based definition and simulation-based definitions that guarantee universally composable security. We note that, simultaneously with our work, Green and Ateniese proposed a CCA-secure PRE, discussed herein.
##### BibTeX
@misc{eprint-2007-13453,
title={Chosen-Ciphertext Secure Proxy Re-Encryption},
booktitle={IACR Eprint archive},
keywords={public-key cryptography / re-encryption, chosen-ciphertext security, obfuscation},
url={http://eprint.iacr.org/2007/171},
note={Full version of paper in ACM CCS 2007. susan@cs.jhu.edu 13815 received 8 May 2007, last revised 29 Oct 2007},
author={Ran Canetti and Susan Hohenberger},
year=2007
}