RCCA-Secure multi-use bidirectional proxy re-encryption with master secret security

Abstract

Bidirectional proxy re-encryption allows ciphertext transformation between Alice and Bob via a semi-trusted proxy, who however cannot obtain the corresponding plaintext. Due to this special property, bidirectional proxy re-encryption has become a flexible tool in many dynamic environments, such as publish subscribe systems, group communication, and cloud computing. Nonetheless, how to design a secure and efficient bidirectional proxy re-encryption is still challenging. In this paper, we propose a novel bidirectional proxy re-encryption scheme that holds the following nice properties: 1) constant ciphertext size no matter how many times the transformation performed; 2) master secret security in the random oracle model, i.e., Alice (resp. Bob) colluding with the proxy cannot obtain Bob’s (resp. Alice’s) private key; 3) Replayable chosen ciphertext (RCCA) security in the random oracle model. To the best of our knowledge, our proposal is the first bidirectional proxy reencryption scheme that holds the above three properties simultaneously.