Security Analysis of a Multi-use Identity Based CCA-Secure Proxy Re-encryption Scheme

Abstract

In proxy re-encryption (PRE), a semi-trusted proxy can convert a cipher text originally intended for Alice into one which can be decrypted by Bob, while the proxy can not know the underlying plaintext. In multi-use PRE schemes, the cipher text can be transformed from Alice to Bob and to Charlie and so on. Due to its cipher text transformation property, it is difficult to achieve chosen cipher text security for PRE, especially for multi-use PRE. IBE is a new kind of public-key encryption where the recipient's public key is an arbitrary string that represents the recipient's identity. Identity based proxy re-encryption (IBPRE) is a primitive combing the feature of IBE and PRE. Recently Wang et al. proposed a multi-use unidirectional CCA-secure identity based proxy re-encryption (IBPRE) scheme. Unfortunately, we show their proposal is not CCA-secure in the corresponding security models by giving concrete attacks.