Hi,
Does making transformation key (meaning reencryption key) public raises any risk of revealing the private key?
The re-encryption key is a public parameter by design in proxy re-encryption. It is used by the proxy - which is an untrusted actor in the system model - to transform a ciphertext decryptable by key s_A to another ciphertext decryptable by s_B.
Hence, the answer to your question is no. No risk at all assuming the PRE scheme is implemented properly.
1 Like
Thanks very much for the information. I am curious to know what mathematical construction is used to create a reencryption key in the OpenFHE implementation of PRE. Do you have a reference of it by any chance?
Here is the reference https://eprint.iacr.org/2024/681.pdf.
@bhavinmoriya There might have been some misunderstanding regarding “public”: The re-encryption key can be known to the proxy party, which is given the ciphertext to re-encrypt. However, the re-encryption key should not be known to the owner of the secret key of the resulting ciphertext, because it can use them to extract information about the original secret key. See also the response here.
1 Like