Proxy Re-Encryption (PRE) is a public-key cryptographic primitive that allows a semi-trusted proxy server to transform a ciphertext encrypted for Alice into a ciphertext encrypted for Bob, without the proxy ever gaining access to the plaintext or the private keys of either party. This is achieved through a re-encryption key generated by Alice, which delegates decryption rights to Bob.
Glossary
Proxy Re-Encryption (PRE)

What is Proxy Re-Encryption (PRE)?
A cryptographic scheme enabling a semi-trusted proxy to transform ciphertext encrypted under one public key into ciphertext encrypted under another, without the proxy ever learning the underlying plaintext.
In healthcare federated learning, PRE enables a secure data-sharing architecture where encrypted patient records stored on a hospital's server can be re-encrypted by a proxy for a research institution's public key, ensuring the cloud or proxy infrastructure handling the transformation remains blind to the sensitive clinical data. This is distinct from standard decryption-and-re-encryption, which would expose the plaintext to the intermediary.
Key Properties of PRE Schemes
Proxy Re-Encryption (PRE) is defined by a set of distinct cryptographic properties that determine its suitability for different trust models and deployment scenarios. These properties govern the directionality of transformation, the number of re-encryption hops permitted, and the level of trust placed in the proxy.
Unidirectionality
A unidirectional PRE scheme allows the proxy to transform ciphertexts from Alice to Bob but not from Bob to Alice without a separate delegation key. This is the standard for secure data sharing, as it prevents the proxy from reversing the flow of information. In contrast, bidirectional schemes use a single delegation key that enables transformation in both directions, which is computationally efficient but requires a higher degree of mutual trust between the delegator and delegatee.
Single-Hop vs. Multi-Hop
This property defines the re-encryption chain depth.
- Single-Hop: A ciphertext can be re-encrypted only once. If Alice delegates to Bob, Bob cannot re-delegate that ciphertext to Carol. This provides strict access control and prevents transitive trust.
- Multi-Hop: A ciphertext can be re-encrypted sequentially multiple times (Alice → Bob → Carol). This enables cascading data sharing workflows but requires careful management to prevent unauthorized downstream access.
Transparency
In a transparent PRE scheme, the delegatee (Bob) uses his standard private key to decrypt a re-encrypted ciphertext, without any awareness that re-encryption occurred. The process is invisible to the end recipient. In a non-transparent scheme, Bob requires a separate, delegation-specific secret key. Transparency simplifies key management and is preferred for seamless user experiences in production systems.
Collusion Resistance
Collusion resistance defines the scheme's resilience when the proxy and delegatee conspire to recover the delegator's secret key.
- Collusion-Safe (Non-Transferable): Even if the proxy and Bob combine their knowledge (re-encryption key and Bob's private key), they cannot compute Alice's full private key. This is a critical security property for untrusted proxy environments.
- Collusion-Insecure: The proxy and delegatee can collude to expose the delegator's private key, limiting use to fully trusted proxies.
Interactivity
This property governs the delegation key generation process.
- Interactive: Alice must engage in a multi-round protocol with Bob (or a trusted third party) to generate the re-encryption key. This requires Bob to be online and cooperative.
- Non-Interactive: Alice can generate the re-encryption key independently using only her private key and Bob's public key. This is essential for asynchronous, scalable systems where delegates may be offline or unknown at key generation time.
Key Optimality
A key-optimal PRE scheme ensures that the delegatee's ciphertext size and decryption cost remain constant regardless of how many times the ciphertext has been re-encrypted. Without this property, a multi-hop ciphertext would grow linearly in size and computational complexity with each hop, making it impractical for deep delegation chains. Key optimality is a standard requirement for efficient, production-grade multi-hop schemes.
PRE vs. Alternative Secure Sharing Methods
A technical comparison of Proxy Re-Encryption against other cryptographic primitives used for secure data sharing across healthcare institutions, evaluating trust assumptions, computational overhead, and access control granularity.
| Feature | Proxy Re-Encryption (PRE) | Fully Homomorphic Encryption (FHE) | Secure Multi-Party Computation (SMPC) |
|---|---|---|---|
Core Mechanism | Transforms ciphertext from one public key to another without decryption | Computes arbitrary functions directly on encrypted ciphertexts | Distributes private inputs across parties to jointly compute a function |
Proxy Trust Requirement | Semi-trusted (honest-but-curious); proxy never sees plaintext | No proxy required; computation on untrusted cloud | No proxy; assumes honest majority or uses malicious-secure protocols |
Data Sharing Model | One-to-many delegation with revocable access via re-encryption keys | Many-to-one computation; data owner encrypts, server computes | Many-to-many joint computation over private inputs simultaneously |
Computational Overhead | Low; single asymmetric operation per re-encryption | Extremely high; 10,000x to 1,000,000x slowdown vs plaintext | High; communication rounds scale quadratically with parties |
Ciphertext Expansion | Minimal; constant-size overhead per re-encryption layer | Significant; ciphertexts orders of magnitude larger than plaintext | N/A; shares are typically same size as original inputs |
Access Revocation | |||
Suitable for Real-Time Clinical Data Access | |||
Standardization Maturity | Emerging (IEEE P2830, NIST IR 8459 consideration) | Standardized (NIST FIPS 204, ISO/IEC 18033-6) | Standardized (IETF RFC 9380, NIST SP 800-221) |
PRE Use Cases in Healthcare Federated Learning
Proxy Re-Encryption (PRE) enables secure, auditable sharing of encrypted patient data across institutions without exposing plaintext to intermediaries, forming the cryptographic backbone for consent-driven healthcare collaborations.
Consent-Based Data Sharing
PRE enables dynamic patient consent management by allowing a semi-trusted proxy to re-encrypt data for new recipients without ever accessing plaintext. When a patient consents to share their genomic data with a research institution, the hospital's proxy transforms ciphertext encrypted under the hospital's key into ciphertext decryptable only by the researcher's key.
- Granular revocation: Revoking access requires simply ceasing re-encryption operations
- Auditable trail: Every re-encryption event can be logged immutably
- Patient sovereignty: The data owner retains ultimate control over who can decrypt their protected health information (PHI)
Cross-Institutional Model Training
In federated learning scenarios, PRE secures the transmission of encrypted model gradients between hospitals and a central aggregation server. Each hospital encrypts its local model updates under the aggregator's public key, and a proxy can re-encrypt aggregated results back to individual participants without the proxy learning the model parameters.
- Prevents gradient leakage: Even if the proxy is compromised, model updates remain ciphertext
- Non-collusion guarantees: The proxy and recipients cannot collude to decrypt data intended for other parties
- Scalable architecture: Supports hundreds of participating clinical sites with minimal key management overhead
Secure Cloud-Based EHR Storage
Hospitals can store encrypted electronic health records (EHRs) in cloud environments while delegating re-encryption capabilities to a cloud-hosted proxy. When a specialist requires access, the proxy transforms the hospital-encrypted records into ciphertext the specialist's device can decrypt, all without the cloud provider seeing patient data.
- Zero-knowledge cloud: The storage provider never possesses plaintext or decryption keys
- Delegation without decryption: Eliminates the need for the data owner to be online to grant access
- Emergency access protocols: Pre-authorized break-glass re-encryption policies for critical care scenarios
Multi-Site Clinical Trial Data Aggregation
Pharmaceutical companies running multi-site clinical trials use PRE to securely aggregate patient outcomes from disparate hospital systems. Each site encrypts trial data under the sponsor's key, and a neutral third-party proxy re-encrypts the data for statistical analysis without ever viewing individual patient responses.
- Blinded analysis: Statisticians receive re-encrypted data without site-level identification
- Regulatory compliance: Satisfies GDPR and HIPAA requirements for cross-border data transfers
- Immutable provenance: Cryptographic proofs ensure data integrity from collection to analysis
IoT Medical Device Telemetry
Wearable medical devices and remote patient monitoring systems generate continuous encrypted telemetry. PRE allows a healthcare proxy service to re-encrypt this streaming data for multiple consumers—primary care physicians, specialists, and AI diagnostic systems—each with distinct decryption keys, without buffering plaintext at the edge.
- Bandwidth-efficient: Single encrypted stream serves multiple authorized recipients
- Device-agnostic: Works with constrained IoT hardware that cannot manage complex key distribution
- Real-time access control: Instantly grant or revoke specialist access to live patient vitals
Blockchain-Anchored Audit Logs
Combining PRE with distributed ledger technology creates tamper-proof audit trails for healthcare data access. Each re-encryption operation is recorded on-chain, providing immutable evidence of who accessed what data and when, while PRE ensures the underlying patient data remains encrypted throughout the logging process.
- Cryptographic non-repudiation: Access events are mathematically provable
- Smart contract integration: Automate re-encryption policies based on consent tokens
- Regulatory readiness: Provides auditable proof for HIPAA accounting of disclosures requirements
Frequently Asked Questions
Clear, technical answers to the most common questions about how proxy re-encryption enables secure, delegated data sharing in healthcare federated learning networks.
Proxy Re-Encryption (PRE) is a cryptographic scheme that allows a semi-trusted proxy server to transform ciphertext encrypted under Alice's public key into ciphertext encrypted under Bob's public key, without the proxy ever learning the underlying plaintext or either party's private key. The mechanism works as follows: Alice encrypts data with her public key and stores the ciphertext on a cloud server. When she wants to grant Bob access, she generates a re-encryption key (rk_{A→B}) using her private key and Bob's public key. She delegates this re-encryption key to the proxy. The proxy applies the re-encryption key to Alice's ciphertext, transforming it into a ciphertext that only Bob can decrypt with his private key. Critically, the re-encryption key is unidirectional (Alice→Bob only) and non-transitive (the proxy cannot combine rk_{A→B} and rk_{B→C} to create rk_{A→C}). This property makes PRE fundamentally different from traditional decryption-and-re-encryption approaches, where the proxy would require access to plaintext data.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Proxy Re-Encryption is a fundamental building block for secure data sharing. These related cryptographic primitives and protocols form the broader ecosystem of privacy-preserving computation in healthcare federated learning.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us