An Efficient Broadcast Encryption Supporting Designation and Revocation Mechanisms

详细信息    查看全文 | 推荐本文 |

英文篇名：An Efficient Broadcast Encryption Supporting Designation and Revocation Mechanisms 作者：ZHU ; Yan ; YU ; Ruyun ; CHEN ; E ; HUANG ; Dijiang 英文作者：ZHU Yan;YU Ruyun;CHEN E;HUANG Dijiang;School of Computer and Communication Engineering, University of Science and Technology Beijing;School of Computing Informatics and Decision System Engineering, Arizona State University; 英文关键词：Cryptography;;Broadcast encryption;;Provable security;;Revocation;;Designation;;Dual modes 中文刊名：EDZX 英文刊名：电子学报(英文) 机构：School of Computer and Communication Engineering, University of Science and Technology Beijing;School of Computing Informatics and Decision System Engineering, Arizona State University; 出版日期：2019-05-15 出版单位：Chinese Journal of Electronics 年：2019 期：v.28 基金：supported by the National Natural Science Foundation of China(No.61472032);; NSFC-Genertec Joint Fund for Basic Research(No.U1636104);; NSFC-Joint Research Fund for Overseas Chinese Scholars and Scholars in Hong Kong and Macao(No.61628201) 语种：英文; 页：EDZX201903001 页数：12 CN：03 ISSN：10-1284/TN 分类号：5-16

摘要

In this paper our objective is to explore approaches of secure group-oriented communication with designation and revocation mechanisms simultaneously.We present a new scheme of Revocation-based broadcast encryption(RBBE) which is designed on Dan Boneh et al.'s scheme with the designation mechanism proposed in 2005. We combine two above-mentioned schemes into a new cryptosystem, called Dual-mode broadcast encryption(DMBE). Based on these work, we reach the following conclusions. We use the DMBE scheme as an example to show that it is feasible to construct a broadcast encryption scheme that supports designation and revocation mechanisms simultaneously. The cryptosystem with dual modes is more efficient than that with single mode over computational costs, and the performance is improved to at most O(「N/2」), where N is the total number of users in the system. We prove completely that both the RBBE scheme and the DMBE scheme are semantically secure against chosen plaintext attack with full collusion under the decisional bilinear Diffie-Hellman exponent assumption.
        In this paper our objective is to explore approaches of secure group-oriented communication with designation and revocation mechanisms simultaneously.We present a new scheme of Revocation-based broadcast encryption(RBBE) which is designed on Dan Boneh et al.'s scheme with the designation mechanism proposed in 2005. We combine two above-mentioned schemes into a new cryptosystem, called Dual-mode broadcast encryption(DMBE). Based on these work, we reach the following conclusions. We use the DMBE scheme as an example to show that it is feasible to construct a broadcast encryption scheme that supports designation and revocation mechanisms simultaneously. The cryptosystem with dual modes is more efficient than that with single mode over computational costs, and the performance is improved to at most O(「N/2」), where N is the total number of users in the system. We prove completely that both the RBBE scheme and the DMBE scheme are semantically secure against chosen plaintext attack with full collusion under the decisional bilinear Diffie-Hellman exponent assumption.

引文

[1]A.Fiat and M.Naor,“Broadcast encryption”,Proc.of Annual International Cryptology Conference,LNCS,Vol.773,pp.480-491,1993.
    [2]D.Boneh,C.Gentry and B.Waters,“Collusion resistant broadcast encryption with short ciphertexts and private keys”,Proc.of Annual International Cryptology Conference,LNCS,Vol.3621,pp.258-272,2005.
    [3]C.Delerablée,“Identity-based broadcast encryption with constant size ciphertexts and private keys”,Proc.of International Conference on the Theory and Application of Cryptology and Information Security,Kuching,Malaysia,LNCS,Vol.4833,pp.200-215,2007.
    [4]C.Gentry and B.Waters,“Adaptive security in broadcast encryption systems(with short ciphertexts)”,Proc.of International Conference on the Theory and Applications of Cryptographic Techniques,Cologne,Germany,LNCS,Vol.5479,pp.171-188,2009.
    [5]D.H.Phan,D.Pointcheval,S.F.Shahandashti,et al.,“Adaptive CCA broadcast encryption with constant-size secret keys and ciphertexts”,International Journal of Information Security,Vol.12,No.4,pp.251-265,2013.
    [6]B.Wesolowski and P.Junod,“Ciphertext-policy attributebased broadcast encryption with small keys”,Proc.of International Conference on Information Security and Cryptology,LNCS,Seoul,South Korea,Vol.9558,pp.53-68,2015.
    [7]M.Li,X.Xu,R.Zhuang,et al.,“Identity-based broadcast encryption schemes for open networks”,Proc.of International Conference on Frontier of Computer Science and Technology,Dalian,China,IEEE,pp.104-109,2015.
    [8]B.Libert,K.G.Paterson,and E.A.Quaglia,“Anonymous broadcast encryption:Adaptive security and efficient constructions in the standard model”,Proc.of International Workshop on Public Key Cryptography,LNCS,Darmstadt,Germany,Vol.7293,pp.206-224,2012.
    [9]W.Liu,J.Liu,Q.Wu,et al.,“Practical chosen-ciphertext secure hierarchical identity-based broadcast encryption”,International Journal of Information Security,Vol.15,No.1,pp.35-50,2016.
    [10]M.Naor and B.Pinkas,“Efficient trace and revoke schemes”,Proc.of International Conference on Financial Cryptography,LNCS,Anguilla,British West Indies,Vol.1962,pp.1-20,2000.
    [11]Y.Dodis and N.Fazio,“Public key broadcast encryption for stateless receivers”,Proc.of ACM Workshop on Digital Rights Management,LNCS,Washington,DC,USA,Vol.2696,pp.61-80,2002.
    [12]D.Boneh and M.Franklin,“Identity-based encryption from the weil pairing”,Proc.of Annual International Cryptology Conference,LNCS,Vol.2139,pp.213-229,2001.
    [13]M.T.Goodrich,J.Z.Sun and R.Tamassia,“Efficient treebased revocation in groups of low-state devices”,Proc.of Annual International Cryptology Conference,LNCS,Vol.3152,pp.511-527,2004.
    [14]C.Delerablée,P.Paillier,and D.Pointcheval,“Fully collusion secure dynamic broadcast encryption with constantsize ciphertexts or decryption keys”,Proc.of International Conference on Pairing-Based Cryptography,LNCS,Tokyo,Japan,Vol.4575,pp.39-59,2007.
    [15]J.Lai,Y.Mu,and F.Guo,et al.,“Anonymous identitybased broadcast encryption with revocation for file sharing”,Proc.of Australasian Conference on Information Security and Privacy,LNCS,Melbourne,VIC,Australia,Vol.9723,pp.223-239,2016.
    [16]Q.Huang,Z.Ma,and Y.Yang,et al.,“Eabds:attributebased secure data sharing with efficient revocation in cloud computing”,Chinese Journal of Electronics,Vol.24,No.4,pp.862-868,2015.
    [17]Y.Zhu,D.Li,and L.Yang,“Traitor tracing based on partially-ordered hierarchical encryption”,Proc.of International Conference on Trusted Systems,LNCS,Beijing,China,Vol.9473,pp.278-293,2014.
    [18]M.S.Lee,J.Lee,and J.D.Hong,“An efficient public trace and revoke scheme using augmented broadcast encryption scheme”,Journal of the Korea Institute of Information Security and Cryptology,Vol.26,No.1,pp.17-30,2016.
    [19]J.Camenisch and A.Lysyanskaya,“Signature schemes and anonymous credentials from bilinear maps”,Proc.of Annual International Cryptology Conference,LNCS,Vol.3152,pp.56-72,2004.
    [20]M.Bellare,“A note on negligible functions”,Journal of Cryptology,Vol.15,No.4,pp.271-284,2002.
    [21]D.Su and K.Lü,“Paillier’s trapdoor function hidesθ(n)bits”,Science China Information Sciences,Vol.54,No.9,pp.1827-1836,2011.
    [22]D.Boneh,X.Boyen,and E.J.Goh“Hierarchical identity based encryption with constant size ciphertext”,Proc.of International Conference on the Theory and Applications of Cryptographic Techniques,LNCS,Aarhus,Denmark,Vol.3494,pp.440-456,2005.
    [23]M.Bellare,A.Desai,E.Jokipii,et al.,“A concrete security treatment of symmetric encryption”,Proc.of IEEE Annual Symposium on Foundations of Computer Science,Miami Beach,FL,USA,pp.394-403,1997.
    [24]O.Goldreich,Foundations of Cryptography:Vol.1,Basic Tools,Cambridge University Press,Cambridge,UK,pp.119-123,2001.
    When n is even, there exists the similar computational overheads on|S|=n/2(|R|=n/2-1)for both modes.