Identity-Based Conditional Proxy Re-Encryption

In a Idendity-based proxy re-encryption (IBPRE) scheme, a proxy, converts a ciphertext for one identity into a ciphertext for another identity without knowing the underlying plaintext. IBPRE can be used for applications requiring delegation, such as delegated email processing. However, some scenarios require handle a fine-grained delegation. For example, the delegator wants to limit the proxy to only re-encrypt the encrypted emails associated with specific conditions. To overcome the limitation of existing IBPRE, we introduce the notion of Identity-based conditional proxy re-encryption (IBCPRE), whereby only ciphertext satisfying one condition set by delegator can be transformed by the proxy and then can be decrypted by delegatee. We further proposed a concrete IBCPRE scheme, and prove its security in the standard model.