Adaptively secure identity-based broadcast encryption with a constant-sized ciphertext
In this work, we present an adaptively secure identity-based broadcast encryption system featuring a constant-sized ciphertext in the standard model. The sizes of the public key and the private keys of our system are both linear in the maximum number of receivers. Also, our system is fully collusion-resistant and has stateless receivers. Compared with the state-of-the-art, our scheme is well optimized for broadcast encryption. The computational complexity of decryption of our scheme depends only on the number of receivers, not the maximum number of receivers of the system. Technically, we employ the dual system encryption technique, and our proposal offers adaptive security under the general subgroup decisional assumption. Our scheme demonstrates that the adaptive security of schemes utilizing a composite order group can be proven under the general subgroup decisional assumption, while many existing systems working in a composite order group are secure under multiple subgroup decision assumptions. We note that this finding is of independent interest and may be useful in other scenarios.
A new encrypted data switching Protocol: Bridging IBE and ABE without loss of data confidentiality
Encryption technologies have become one of the most prevalent solutions to safeguard data confidentiality in many real-world applications, e.g., cloud-based data storage systems. Encryption outputting a relatively “static” format of encrypted data, however, may hinder further data operations; for example, encrypted data may need to be “transformed” into other formats for either computation or other purposes. In order to enable an encryption to be used in another device equipped with a different encryption mechanism, the concept of encryption switching was first proposed in CRYPTO 2016 for conversion particularly between Paillier and ElGamal encryptions. This paper considers the conversion between conventional identity-based and attribute-based encryptions and further proposes a concrete construction via the technique of proxy re-encryption. The construction is proved to be CPA secure in the standard model under the q-decisional parallel bilinear Diffie-Hellman exponent assumption. The performance comparisons highlight that our bridging mechanism reduces computation and communication cost on the client side, especially when the client's data is encrypted and outsourced to a remote cloud. The computational costs w.r.t. re-encryption (on the server side) and decryption (on the client side) are acceptable in practice.