Revisiting Proxy Re-encryption: Forward Secrecy, Improved Security, and Applications

We revisit the notion of proxy re-encryption (\(\mathsf {PRE}\)), an enhanced public-key encryption primitive envisioned by Blaze et al. (Eurocrypt’98) and formalized by Ateniese et al. (NDSS’05) for delegating decryption rights from a delegator to a delegatee using a semi-trusted proxy. \(\mathsf {PRE}\) notably allows to craft re-encryption keys in order to equip the proxy with the power of transforming ciphertexts under a delegator’s public key to ciphertexts under a delegatee’s public key, while not learning anything about the underlying plaintexts.