Provably secure proxy convertible authenticated encryption scheme based on RSA

To engage with complicated business operations, we propose a proxy convertible authenticated encryption (CAE) scheme based on RSA assumption to resolve the delegation problem for confidential transactions. The proposed scheme enables an authorized proxy signer to produce a proxy authenticated ciphertext such that only the designated recipient can validate it for assuring the transaction privacy. In case of a later repudiation, the designated recipient can just release the converted proxy signature for public arbitration without extra computation efforts or communication overheads. Moreover, the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) and that of unforgeability against existential forgery under adaptive chosen-message attacks (EF-CMA) are given in the random oracle model. To the best of our knowledge, the proposed scheme is the first provably secure proxy CAE scheme based on RSA assumption.