On the application of generic CCA-secure transformations to proxy re-encryption.

Several generic methods exist for achieving chosen-ciphertext attack CCA-secure public-key encryption schemes from weakly secure cryptosystems, such as the Fujisaki-Okamoto and REACT transformations. In the context of proxy re-encryption PRE, it would be desirable to count on analogous constructions that allow PRE schemes to achieve better security notions. In this paper, we study the adaptation of these transformations to proxy re-encryption and find both negative and positive results. On the one hand, we show why it is not possible to directly integrate these transformations with weakly secure PRE schemes because of general obstacles coming from both the constructions themselves and the security models, and we identify 12 PRE schemes that exhibit these problems. On the other hand, we propose an extension of the Fujisaki-Okamoto transformation for PRE, which achieves a weak form of CCA security in the random oracle model, and we describe the sufficient conditions for applying it. Copyright © 2016 John Wiley & Sons, Ltd.