基于身份的条件型广播代理重加密方案

在传统的代理重加密(PRE)体制中，代理者一旦获得重加密密钥就能将所有授权者能解密的密文转换成受理者能解密的密文，代理者的重加密权限过大；而且授权者需要对不同的受理者生成代理重加密密钥，计算过程中浪费了大量的资源。为了解决以上问题，构造了一种基于身份的条件型广播代理重加密方案。该方案中的授权者在生成重加密密钥过程中加入特殊条件，来限制代理者的重加密权限过大的问题；与此同时，使授权者的密文能够被再次广播以确保重要通信，这样的处理能节省更多的计算和通信开销。最后通过理论分析阐明了方案的安全性。

Identity-based conditional proxy broadcast re-encryption

In traditional Proxy Re-Encryption (PRE), a proxy is too powerful as it has the ability to re-encrypt all delegator's ciphertexts to delegatee once the re-encryption key is obtained; And for more than one delegatees, delegator needs to generate different re-encryption key for different delegatee, which wastes a lot of resources in the calculation process. To solve these problems, an identity-based conditional proxy broadcast re-encryption was introduced. The delegator generated a re-encryption key for some specified condition during the encryption, like that the re-encryption authority of the proxy was restricted to that condition only. Moreover, the delegator's ciphertexts could be re-broadcasted to ensure the important communication and save a lot of computation and communication cost. Finally, the theoretical analysis verified the security of the scheme.