On the security of Multi-Use Identity Based Proxy Re-Encryption

Abstract

In a proxy re-encryption (PRE) scheme, a proxy, authorized by Alice, transforms messages encrypted under Alices public key into encryptions under Bobs public key without learning anything about the underlying message(plaintext). In an Identity- Based Encryption the public key of a user is some unique information about the identity of the user, usually the user's email-ID. When Alice sends mail to Bob at "bob@company.com" she simply encrypts her message using the public key string "bob@company.com". There is no need for Alice to obtain Bobs public key certi - cate. When Bob receives the encrypted mail he contacts a third party, which we call the Private Key Generator (PKG) authenticates himself and then obtains the private key for himself. Finding a unidirectional, multi-use, and CCA2-secure identity-based proxy re-encryption scheme was presented as an open problem by Green et al. In 2010 Wang et.al. pro- posed a Multi-Use Identity Based Proxy Re-encryption Scheme[25] as the solution to the open problem. In this thesis, we have identi ed a security attack on [25] and also show that the attack is within the scope of the established security model[25].In a proxy re-encryption (PRE) scheme, a proxy, authorized by Alice, transforms messages encrypted under Alices public key into encryptions under Bobs public key without learning anything about the underlying message(plaintext). In an Identity- Based Encryption the public key of a user is some unique information about the identity of the user, usually the user's email-ID. When Alice sends mail to Bob at "bob@company.com" she simply encrypts her message using the public key string "bob@company.com". There is no need for Alice to obtain Bobs public key certi - cate. When Bob receives the encrypted mail he contacts a third party, which we call the Private Key Generator (PKG) authenticates himself and then obtains the private key for himself. Finding a unidirectional, multi-use, and CCA2-secure identity-based proxy re-encryption scheme was presented as an open problem by Green et al. In 2010 Wang et.al. pro- posed a Multi-Use Identity Based Proxy Re-encryption Scheme[25] as the solution to the open problem. In this thesis, we have identi ed a security attack on [25] and also show that the attack is within the scope of the established security model[25].