In 1998, Blaze, Bleumer, and Strauss [1] proposed the concept of proxy re-cryptography (PRC), including proxy re-encryption (PRE) and proxy re-signature (PRS). A PRE scheme is a cryptosystem that allows a third party (proxy) to transform a ciphertext that was encrypted for one party to be decrypted by another. PRE has a number of applications, such as law enforcement monitoring, content distribution, and email forwarding. For instance, Alice may want to forward her encrypted mail to Bob, temporarily, without revealing her secret key. Ateniese et al. present a good survey of PRE [2], and Shao maintains a helpful online bibliography (http://tdt.sjtu.edu.cn/~jshao/prcbib.htm) on PRC.
In this paper, Milgo proposes a new theoretical unidirectional approach to PRE. Milgo’s approach combines the user identity and secret key, in order to provide protection from unreliable proxies, collusion attacks, and reverse attacks. Another interesting property of this approach is that the proxy must receive approval from the delegator in every re-signing process, which enhances the security of the cryptosystem and ensures practical overheads.
In conclusion, Milgo presents a new theoretical implementation of the PRE cryptosystem, with additional protections. The paper is well written and contributes a new idea to the future development of PRE.