基于组群通信的代理重加密方案.doc

PAGE PAGE 5 Group-based Proxy Re-encryption scheme Secured against Chosen Ciphertext Attack Chunbo Ma1,2, Jun Ao1 1Information and Communication Guilin University of Electronic Technology, Guilin, Guangxi, 541004, P. R. China Cb_ma@263.net 2 The State Key Laboratory of Information Security, Beijing, 100049, P. R. China Abstract. Recently, proxy re-encryption scheme received much attention. In this paper, we propose a unidirectional proxy re-encryption used to divert ciphertext from one group to another. The scheme is unidirectional and any member can independently decrypt the ciphertexts encrypted to its group. We discuss the security of the proposed scheme and show that our scheme withstands chosen ciphertext attack in standard model. Keywords. Group-based, Unidirectional, Proxy, Re-encryption, Standard model, V-DDH assumption Introduction Proxy re-encryption is such a scheme that it allows a proxy to transfer a ciphertext corresponding to Alice’s public key into one that can be decrypted by Bob’s private key. However, the proxy in this scheme can’t obtain any information on the plaintext and the private keys of both users. Manbo and Okamoto firstly introduced the technique for delegating decryption right in [1]. Then, Blaze et al. [3] presented the notion of “atomic proxy cryptography” in 1998. The proxy re-encryption scheme has been used in some scenarios. For example, Ateniese et al [4] designed an efficient and secure distributed storage system in which the proxy re-encryption scheme is employed. In their system, the Server who storing information is just semi-trusted and no additional means to be used to ensure the security of the system. The Server who acts as a proxy can’t get any information about the stored information. There are some other applications, such as secure email forward, and so on [3][6]. In practice, this kind of encryption scheme is divided into two categories by proxy functions, namely bidirectional and unidirectional [2]. In a bidir