Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption

In this paper, we construct an efficient “multi-receiver identity-based encryption scheme”. Our scheme only needs one (or none if precomputed and provided as a public parameter) pairing computation to encrypt a single message for n receivers, in contrast to the simple construction that re-encrypts a message n times using Boneh and Franklin's identity-based encryption scheme, considered previously in the literature. We extend our scheme to give adaptive chosen ciphertext security. We support both schemes with security proofs under precisely defined formal security model. Finally, we discuss how our scheme can lead to a highly efficient public key broadcast encryption scheme based on the “subset-cover” framework.

[1]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[2]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[3]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[4]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[5]  Alfred Menezes,et al.  Reducing elliptic curve logarithms to logarithms in a finite field , 1993, IEEE Trans. Inf. Theory.

[6]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[7]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[8]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[9]  Jacques Stern,et al.  Extended Notions of Security for Multicast Public Key Cryptosystems , 2000, ICALP.

[10]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[11]  David Pointcheval,et al.  REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform , 2001, CT-RSA.

[12]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[13]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[14]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[15]  David Pointcheval,et al.  The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes , 2001, Public Key Cryptography.

[16]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[17]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[18]  Yuliang Zheng,et al.  Advances in Cryptology — ASIACRYPT 2002 , 2002, Lecture Notes in Computer Science.

[19]  Kaoru Kurosawa,et al.  Multi-recipient Public-Key Encryption with Shortened Ciphertext , 2002, Public Key Cryptography.

[20]  Liqun Chen,et al.  Applications of Multiple Trust Authorities in Pairing Based Cryptosystems , 2002, InfraSec.

[21]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[22]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[23]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[24]  Nigel P. Smart Access Control Using Pairing Based Cryptography , 2003, CT-RSA.

[25]  M. Bellare,et al.  Multi-Recipient Encryption Schemes: Security Notions and Randomness Re-Use , 2003 .

[26]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[27]  Mihir Bellare,et al.  Randomness Re-use in Multi-recipient Encryption Schemeas , 2003, Public Key Cryptography.

[28]  Yevgeniy Dodis,et al.  Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack , 2003, Public Key Cryptography.

[29]  Marc Joye,et al.  Topics in Cryptology — CT-RSA 2003 , 2003 .

[30]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[31]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.