6

Is it possible to re-randomize a ciphertext with the Cramer-Shoup System? I have some Cramer-Shoup ciphertexts and I want to re-randomize them, so they look different and are unlinkable to their previous form, but still can be decrypted with the original secret-key. Is this possible?

And if it is, would it still be possible using the Camenisch-Shoup System, which calculates a Proof, so someone knows that the "real original value" is encrypted, without decrypting the ciphertext? I hope this is written clearly enough. Thank you.

2 Answers

7

@hakoja correctly points out that what you are asking for is not compatible with CCA security (the security property that Cramer-Shoup satisfies). More specifically, you seem to be looking for a rerandomizable, RCCA-secure encryption scheme. These two properties mean:

  • Rerandomizable: Given an encryption of an unknown $m$, there is a way to generate fresh samples from $\textsf{Enc}(k,m)$.

  • Replayable CCA (RCCA): The scheme is non-malleable except for the possibility of modifying a ciphertext $c$ into another ciphertext $c'$ where $\textsf{Dec}(k,c) = \textsf{Dec}(k,c')$. Basically, the scheme is malleable only in ways that preserve the plaintext; otherwise it is non-malleable.

Rerandomizable RCCA means that the randomization feature is the "only malleability" of the scheme. These are not too hard to achieve together, but they become non-trivial when you include another requirement:

  • Unlinkability: Given $c = \textsf{Enc}(k,m)$ for an unknown $m$, it is hard to tell whether some other $c'$ is an independent encryption of $m$ or a rerandomization of $c$. In order to make sense, this property should hold even in the presence of chosen-ciphertext attacks (i.e., against attackers that have access to the decryption function), which makes it difficult. It often means that the rerandomization procedure must refresh all the randomness in a ciphertext.

In the paper below, we were the first to construct a rerandomizable RCCA scheme:

Prabhakaran & Rosulek: Rerandomizable RCCA Encryption, CRYPTO 2007

The scheme is about 5-6x more expensive than Cramer-Shoup, and it relies on DDH holding in some groups with related order. There is a later followup work that gives different constructions of rerandomizable RCCA from pairing-based groups:

Chase, Kohlweiss, Lysyanskaya, Meiklejohn: Malleable Proof Systems and Applications. Eurocrypt 2012.

Mikero
6

Answering only your first question: no, that's not possible. Essentially, if it were possible to randomize the ciphertext of Cramer-Shoup, then it wouldn't be IND-CCA2 secure. However, it is IND-CCA2 secure, so it cannot be re-randomizable.

hakoja
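Added example, not part of either answer: a toy Cramer-Shoup implementation showing that one natural rerandomization attempt (the ElGamal-style trick of multiplying in a fresh encryption of 1) is rejected by the decryption validity check, because the hash over (u1, u2, e) changes while v still depends on the old hash. The group parameters, the generators 4 and 9, and all function names are assumptions chosen for the demo.

```python
import hashlib
import secrets

# RFC 2409 Oakley Group 1 prime (768-bit safe prime); demo-sized, not a recommendation.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2                 # order of the subgroup of squares
G1, G2 = 4, 9                    # two squares; constructed demo generators

def rand():
    return secrets.randbelow(Q - 1) + 1

def H(u1, u2, e):
    data = b"|".join(str(x).encode() for x in (u1, u2, e))
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    x1, x2, y1, y2, z = (rand() for _ in range(5))
    pk = (pow(G1, x1, P) * pow(G2, x2, P) % P,      # c
          pow(G1, y1, P) * pow(G2, y2, P) % P,      # d
          pow(G1, z, P))                            # h
    return (x1, x2, y1, y2, z), pk

def encrypt(pk, m):
    c, d, h = pk
    r = rand()
    u1, u2, e = pow(G1, r, P), pow(G2, r, P), pow(h, r, P) * m % P
    a = H(u1, u2, e)
    return u1, u2, e, pow(c, r, P) * pow(d, r * a, P) % P

def decrypt(sk, ct):
    x1, x2, y1, y2, z = sk
    u1, u2, e, v = ct
    a = H(u1, u2, e)
    if v != pow(u1, x1 + y1 * a, P) * pow(u2, x2 + y2 * a, P) % P:
        return None              # validity check failed: ciphertext rejected
    return e * pow(u1, -z, P) % P

def naive_rerandomize(pk, ct):
    """ElGamal-style attempt: multiply by a fresh encryption of 1."""
    c, d, h = pk
    u1, u2, e, v = ct
    s = rand()
    u1, u2, e = u1 * pow(G1, s, P) % P, u2 * pow(G2, s, P) % P, e * pow(h, s, P) % P
    a = H(u1, u2, e)             # hash changes, but v still carries d^(r * old hash)
    return u1, u2, e, v * pow(c * pow(d, a, P) % P, s, P) % P
```

The (u1, e) part of the modified ciphertext still hides the same plaintext, but producing a matching v would require d^(r * new hash), which cannot be computed from the public key and the old ciphertext without knowing r.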