Authenticated Broadcast Encryption Scheme

With the advancement of wireless networks and mobile access devices such as cell phones and PDAs, multimedia services could be offered through wireless broadcast networks to these mobile devices. Therefore, there is a need to securely deliver multimedia content/data to many users over an insecure channel. Broadcast encryption scheme could provide this solution. The first formal study of broadcast encryption scheme is by Fiat and Noar in 1993. Since then, many broadcast encryption schemes have been proposed to improve the efficiency which is measured by three parameters, that is, length of transmission messages, users' storage and computational overhead at a user device. Some broadcast encryption schemes require less users storage, but the length of transmission messages or computation overhead depends on the number of users. In this paper, we proposed an authenticated broadcast encryption scheme which has an additional property than current proposed broadcast encryption schemes, that is, all users can verify who the sender is. The proposed scheme is proved to be secure against chosen ciphertext attacks based on the decision l-bilinear Diffie-Hellman exponent assumption. Furthermore, the simulation results, transmission messages nearly independent of the number of users and reasonable user storage show that the proposed authenticated broadcast encryption scheme is efficient and suitable for mobile devices.

[1]  K. J. Ray Liu,et al.  Key management and distribution for secure multimedia multicast , 2003, IEEE Trans. Multim..

[2]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[3]  Lawrence C. Washington Review of "Handbook of Elliptic and Hyperelliptic Curve Cryptography by H. Cohen and G. Frey", Chapman & Hall/CRC, 2006, 1-58488-518-1 , 2008, SIGA.

[4]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[5]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[6]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2006 .

[7]  Douglas R. Stinson,et al.  On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption , 1997, Des. Codes Cryptogr..

[8]  Yevgeniy Dodis,et al.  Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack , 2003, Public Key Cryptography.

[9]  Jung Hee Cheon,et al.  Efficient Broadcast Encryption Using Multiple Interpolation Methods , 2004, ICISC.

[10]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[11]  Paulo S. L. M. Barreto,et al.  Efficient Algorithms for Pairing-Based Cryptosystems , 2002, CRYPTO.

[12]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[13]  Dong Hoon Lee,et al.  One-Way Chain Based Broadcast Encryption Schemes , 2005, EUROCRYPT.

[14]  Michael Scott,et al.  Implementing Cryptographic Pairings on Smartcards , 2006, CHES.

[15]  Ben Lynn,et al.  Authenticated Identity-Based Encryption , 2002, IACR Cryptol. ePrint Arch..

[16]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[17]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[18]  Douglas R. Stinson,et al.  Fault Tolerant and DistributedBroadcast Encryption , 2003, CT-RSA.

[19]  Ying Wang,et al.  An ID-based broadcast encryption scheme for key distribution , 2005, IEEE Trans. Broadcast..

[20]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[21]  Dong Hoon Lee,et al.  Generic Transformation for Scalable Broadcast Encryption Schemes , 2005, CRYPTO.

[22]  Bo Li,et al.  CASM: a content-aware protocol for secure video multicast , 2006, IEEE Transactions on Multimedia.

[23]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.