Adaptive Security in Broadcast Encryption Systems (with Short Ciphertexts)

We present new techniques for achieving adaptive security in broadcast encryption systems. Previous work on fully collusion resistant broadcast encryption systems with very short ciphertexts was limited to considering only static security. First, we present a new definition of security that we call semi-static security and show a generic "two-key" transformation from semi-statically secure systems to adaptively secure systems that have comparable-size ciphertexts. Using bilinear maps, we then construct broadcast encryption systems that are semi-statically secure in the standard model and have constant-size ciphertexts. Our semi-static constructions work when the number of indices or identifiers in the system is polynomial in the security parameter. For identity-based broadcast encryption, where the number of potential indices or identifiers may be exponential, we present the first adaptively secure system with sublinear ciphertexts. We prove security in the standard model.

[1]  Moni Naor,et al.  Efficient Trace and Revoke Schemes , 2000, Financial Cryptography.

[2]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[3]  Joonsang Baek,et al.  Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption , 2005, Public Key Cryptography.

[4]  Yevgeniy Dodis,et al.  Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack , 2003, Public Key Cryptography.

[5]  Tanja Lange,et al.  Progress in Cryptology - INDOCRYPT 2006, 7th International Conference on Cryptology in India, Kolkata, India, December 11-13, 2006, Proceedings , 2006, INDOCRYPT.

[6]  Serge Vaudenay Public Key Cryptography - PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005, Proceedings , 2005, Public Key Cryptography.

[7]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[8]  Ronald Cramer,et al.  Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[9]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[10]  Nigel P. Smart,et al.  Efficient Key Encapsulation to Multiple Parties , 2004, SCN.

[11]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[12]  Joachim Biskup,et al.  Computer Security - ESORICS 2007, 12th European Symposium On Research In Computer Security, Dresden, Germany, September 24-26, 2007, Proceedings , 2007, ESORICS.

[13]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[14]  C. Pandu Rangan,et al.  Cryptanalysis of Mu et al.'s and Li et al.'s Schemes and a Provably Secure ID-Based Broadcast Signcryption (IBBSC) Scheme , 2009, WISA.

[15]  Jun Furukawa,et al.  Identity-Based Broadcast Encryption , 2007, IACR Cryptol. ePrint Arch..

[16]  Eike Kiltz,et al.  Generalized Key Delegation for Hierarchical Identity-Based Encryption , 2007, ESORICS.

[17]  Craig Gentry,et al.  Hierarchical Identity Based Encryption with Polynomially Many Levels , 2009, TCC.

[18]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[19]  Cécile Delerablée,et al.  Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys , 2007, ASIACRYPT.

[20]  Sanjit Chatterjee,et al.  Multi-receiver Identity-Based Key Encapsulation with Shortened Ciphertext , 2006, INDOCRYPT.

[21]  Saurabh Panjwani,et al.  Tackling Adaptive Corruptions in Multicast Encryption Protocols , 2007, TCC.

[22]  David Pointcheval,et al.  Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys , 2007, Pairing.

[23]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[24]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[25]  Brent Waters,et al.  Fully Collusion Resistant Traitor Tracing with Short Ciphertexts and Private Keys , 2006, EUROCRYPT.

[26]  Manuel Barbosa,et al.  Efficient Identity-Based Key Encapsulation to Multiple Parties , 2005, IMACC.

[27]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[28]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[29]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[30]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[31]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[32]  Jonathan Katz,et al.  Efficiency improvements for signature schemes with tight security reductions , 2003, CCS '03.

[33]  S SharmilaDevaSelvi,et al.  Schemes and a Provably Secure ID-Based Broadcast Signcryption (IBBSC) Scheme , 2008 .

[34]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[35]  Tsuyoshi Takagi,et al.  Pairing-Based Cryptography - Pairing 2007, First International Conference, Tokyo, Japan, July 2-4, 2007, Proceedings , 2007, Pairing.

[36]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[37]  Brent Waters,et al.  A fully collusion resistant broadcast, trace, and revoke system , 2006, CCS '06.

[38]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[39]  Serge Vaudenay,et al.  Advances in Cryptology - EUROCRYPT 2006 , 2006, Lecture Notes in Computer Science.

[40]  Craig Gentry,et al.  Space-Efficient Identity Based EncryptionWithout Pairings , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[41]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[42]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[43]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.