In ACM CCS 2007, Canetti and Hohenberger left an open problem of how to construct a multi-hop unidirectional proxy re-encryption scheme secure against chosen-ciphertext attacks (CCA). To resolve this problem, we utilize the recent advances in indistinguishability obfuscation, overcome several obstacles and propose a multi-hop unidirectional proxy re-encryption scheme. The proposed scheme is proved to be CCA-secure in the standard model (i.e., without using the random oracle heuristic), and its ciphertext remains constant-size regardless of how many times it has been transformed. It is worth noting that, our techniques proposed in this paper can also be used to construct an identity-based multi-hop unidirectional PRE scheme with constant-size ciphertexts and CCA-security in the standard model.

在ACM CCS 2007中，Canetti和Hohenberger提出了一个尚待解决的问题，即如何构建可防止选择密文攻击（CCA）的多跳单向代理重新加密方案。为了解决这个问题，我们利用了不可区分性混淆的最新进展，克服了一些障碍，并提出了一种多跳单向代理重加密方案。所提出的方案在标准模型中被证明是CCA安全的（即，不使用随机预言法），并且其密文大小保持不变，无论已对其进行了多少次变换。值得注意的是，本文提出的技术还可以用于在标准模型中构造具有恒定大小密文和CCA安全性的基于身份的多跳单向PRE方案。