Chosen Public Key and Ciphertext Secure Proxy Re-Encryption Schemes

A proxy re-encryption scheme enables a proxy to re-encrypt a ciphertext and designate it to a delegate. Proxy re-encryption schemes have been found useful in many applications, including e-mail forwarding, law-enforcement monitoring, and content distribution. Libert and Vergnaud presented the first construction of unidirectional proxy re-encryption scheme with chosen ciphertext security in the standard model in PKC 2008. In this paper, the authors show the insecurity of Libert and Vergnaud's scheme against chosen public key attack.