Skip to Main Content
Proxy re-encryption allows a proxy to transform a ciphertext computed under Alice's public key into one that can be opened under Bob's decryption key. In CANS'08, Deng et al. proposed the first bidirectional IND-PRE-CCA2 secure proxy re-encryption without parings. Later, in PKC'09, Shao et al. proposed the first unidirectional IND-PRE-CCA2 secure proxy re-encryption without parings. But both of these schemes prove their security in the random oracle. They left an open problem of constructing (bidirectional or unidirectional) IND-PRE-CCA2 secure proxy re-encryption scheme in the standard model yet without pairings. In this paper, we try to solve this open problem by proposing two new restricted IND-PRE-CCA2 secure bidirectional proxy re-encryption schemes without pairing nor random oracle.