Dynamic Broadcast Encryption Scheme with Revoking User
Time:2014-1-07  
ZOU Xiubin1, XIANG Jinhai2†
1. College of Computer and Mathematics, Jianghan University, Wuhan 430056, Hubei, China; 2. College of Science, Huazhong Agricultural University, Wuhan 430070, Hubei, China
Abstract:
 An efficient method for revoking a user's ability to decrypt ciphertext is still lacking in broadcast encryption when the number of ciphertext recipients is uncertain. To solve this problem, we present a dynamic broadcast encryption scheme with the following properties. First, the ciphertext length is linear in the number of revocable users and is independent of the total number of ciphertext recipients. Second, the scheme also works when users join dynamically. In particular, compared with methods published to date, our scheme is more efficient when the number of ciphertext recipients is large. Third, the broadcaster can revoke a user's ability to decrypt ciphertext if necessary. Fourth, each user's private key consists of three elements of an elliptic curve group of prime order. Last, if the q-Decisional Multi-Exponent Bilinear Diffie-Hellman assumption holds, our scheme is secure in the standard model against a polynomial-time adversary that attacks it selectively.
Key words: dynamic broadcast encryption; revoking user; bilinear map; public key encryption
CLC number:TP 309.7