Abstract
At Pairing'07, Matsuo proposed two proxy re-encryption schemes: proxy re-encryption fromCBE to IBE and IBE to IBE. Now both schemes have been standardized by P1363.3workgroup. In this paper, we show that their identity based proxy re-encryption scheme is insecure. We give two attacks to this scheme. The first attack shows that the proxy can re-encrypt any IBE user's ciphertext to be the delegatee's ciphertext. The second attack implies that, if the proxy colludes with any delegatee, the proxy and this delegatee can derive any other IBE user's secret key.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
