Identity-based Broadcast Encryption Scheme with Untrusted PKG

An identity-based broadcast encryption cryptosystem enable senders to efficiently broadcast cipher texts to a large set of receivers, which can use arbitrary strings as public keys. In this kind of cryptosystem, if the Private Key Generator (PKG) is untrusted, you may suddenly learn that a private key corresponding to your Identity is used to decrypt some ciphertexts. What causes it happens? Except a key compromise, perhaps it must be the PKG who is acting dishonestly and trying to make malicious activities by selling your key, which is a key escrow problem. In order to solve it, we introduce the concept of Accountable Authority Identity Based Broadcast Encryption (AA-IBBE) and design a concrete scheme, which is a new approach to mitigate the key escrow problem existing by restricting the ways in which the PKG can misbehave in identity based broadcast encryption schemes. Lastly we also give its correctness proof and security analysis.

[1]  J. Camenisch,et al.  Proof systems for general statements about discrete logarithms , 1997 .

[2]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[3]  Ran Canetti,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[4]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[5]  Craig Gentry,et al.  Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[6]  Ahmed Obied,et al.  Broadcast Encryption , 2008, Encyclopedia of Multimedia.

[7]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[8]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[9]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[10]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[11]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[12]  David Pointcheval,et al.  Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys , 2007, Pairing.

[13]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[14]  Byoungcheon Lee,et al.  Secure Key Issuing in ID-based Cryptography , 2004, ACSW.

[15]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[16]  Cécile Delerablée,et al.  Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys , 2007, ASIACRYPT.