Outsourcing the Re-encryption Key Generation: Flexible Ciphertext-Policy Attribute-Based Proxy Re-encryption

In this paper, we introduce a new proxy re-encryption (PRE) in that the re-encryption key generation can be outsourced, in attribute-based encryption. We call this new notion flexible ciphertext-policy attribute-based proxy re-encryption (flexible CP-AB-PRE). In ordinary PRE scheme, re-encryption keys are generated by using user’s decryption key and an access structure. So, whenever the access structure is changed, a PRE user has to generate new different re-encryption keys. In order to overcome this disadvantage of the ordinary PRE, the re-encryption key generation of the proposed scheme is divided into the following two steps. First, a user generates universal re-encryption key urk S which indicates delegator’s attributes set S. Second, an authority who has re-encryption secret key rsk generates ordinary re-encryption key \({\sf rk}_{S\rightarrow{\Bbb M}'}\) by using urk S , rsk, and an access structure \({\Bbb M}'\). The user has only to generate single urk S for all re-encryption keys. By this “outsourcing”, the task of re-encryption key generation for a user is reduced only to generate one urk S . Furthermore, supposing a Private Key Generator (PKG) generates urk simultaneously at the time of decryption key generation, the load of re-encryption key generation for users almost vanishes.