Ad-Hoc Threshold Broadcast Encryption with Shorter Ciphertexts

Authors:
Vanesa Daza;Javier Herranz;Paz Morillo;Carla Ràfols
Affiliations:
Dept. D'Enginyeria Informàtica i Matemàtiques, Universitat Rovira i Virgili, Av. Països Catalans 26, E-43007 Tarragona, Spain;IIIA, Artificial Intelligence Research Institute, CSIC, Spanish National Research Council, Campus UAB s/n, E-08193 Bellaterra, Spain;Dept. Matemàtica Aplicada IV, Universitat Politècnica de Catalunya, C. Jordi Girona 1-3, E-08034 Barcelona, Spain;Dept. Matemàtica Aplicada IV, Universitat Politècnica de Catalunya, C. Jordi Girona 1-3, E-08034 Barcelona, Spain
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2008

Citing 10
Cited 4

How to share a secret

Communications of the ACM
Broadcast Encryption

CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
Randomness Re-use in Multi-recipient Encryption Schemeas

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On Defining Proofs of Knowledge

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Efficient ID-based Broadcast Threshold Decryption in Ad Hoc Network

IMSCCS '06 Proceedings of the First International Multi-Symposiums on Computer and Computational Sciences - Volume 2 (IMSCCS'06) - Volume 02
Stateful public-key cryptosystems: how to encrypt with one 160-bit exponentiation

Proceedings of the 13th ACM conference on Computer and communications security
An efficient threshold public key cryptosystem secure against adaptive chosen ciphertext attack

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Public-key encryption in a multi-user setting: security proofs and improvements

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
CCA2-secure threshold broadcast encryption with shorter ciphertexts

ProvSec'07 Proceedings of the 1st international conference on Provable security
A public key cryptosystem and a signature scheme based on discrete logarithms

IEEE Transactions on Information Theory

Optimal subset-difference broadcast encryption with free riders

Information Sciences: an International Journal
CCA2-secure threshold broadcast encryption with shorter ciphertexts

ProvSec'07 Proceedings of the 1st international conference on Provable security
Threshold public-key encryption with adaptive security and short ciphertexts

ICICS'10 Proceedings of the 12th international conference on Information and communications security
Fully distributed broadcast encryption

ProvSec'11 Proceedings of the 5th international conference on Provable security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a set of n receivers and a threshold t, and then encrypts a message by using the public keys of all the receivers, in such a way that the original plaintext can be recovered only if at least t receivers cooperate. This kind of scheme has many applications in mobile ad-hoc networks, characterized by their lack of infrastructure as well as for the high dynamism of their nodes. Threshold broadcast encryption schemes are much more appropriate for mobile ad-hoc scenarios than standard threshold public key encryption schemes, where the set of receivers and the threshold for decryption must be known in advance (and remain the same for the rest of the protocol). Previously proposed threshold broadcast encryption schemes have ciphertexts which contain at least n group elements. In this paper, we propose a new scheme where the ciphertexts contain essentially n-t group elements. The construction uses secret sharing techniques and the ElGamal public key cryptosystem as basic tools. We formally prove the security of the scheme, by reduction to the security of ElGamal cryptosystem.