A Parametric Family of Attack Models for Proxy Re-Encryption

TitleA Parametric Family of Attack Models for Proxy Re-Encryption
Publication TypeConference Paper
Year of Publication2015
AuthorsD. Nuñez, I. Agudo, and J. Lopez
Conference Name28th IEEE Computer Security Foundations Symposium
Series TitleCSF'15
Date Published07/2015
PublisherIEEE Computer Society
Conference LocationVerona, Italy
ISBN Number 978-1-4673-7538-2
ISSN Number1063-6900

Proxy Re-Encryption (PRE) is a type of Public-Key Encryption (PKE) which provides an additional re-encryption functionality. Although PRE is inherently more complex than PKE, attack models for PRE have not been developed further than those inherited from PKE. In this paper we address this gap and define a parametric family of attack models for PRE, based on the availability of both the decryption and re-encryption oracles during the security game. This family enables the definition of a set of intermediate security notions for PRE that ranges from ``plain'' IND-CPA to ``full'' IND-CCA. We analyze some relations among these notions of security, and in particular, the separations that arise when the re-encryption oracle leaks re-encryption keys. In addition, we discuss which of these security notions represent meaningful adversarial models for PRE. Finally, we provide an example of a recent ``CCA1- secure'' scheme from PKC 2014 whose security model does not capture chosen-ciphertext attacks through re-encryption and for which we describe an attack under a more realistic security notion. This attack emphasizes the fact that PRE schemes that leak re-encryption keys cannot achieve strong security notions.

Citation Keynunez2015parametric
Paper File: 

Supported by