Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Threshold Ring Signatures and Applications to Ad-hoc Groups
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Multi-recipient Public-Key Encryption with Shortened Ciphertext
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Randomness Re-use in Multi-recipient Encryption Schemeas
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Authenticating tripartite key agreement protocol with pairings
Journal of Computer Science and Technology
Implementation of cryptosystems based on Tate pairing
Journal of Computer Science and Technology
Ad Hoc Networking
Public-key encryption in a multi-user setting: security proofs and improvements
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Efficient key encapsulation to multiple parties
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Hi-index | 0.00 |
Multi-decrypter encryption is a typical application in multi-user cryptographic branches. In multi-decrypter encryption, a message is encrypted under multiple decrypters' public keys in the way that only when all the decrypters cooperate, can the message be read. However, trivial implementation of multi-decrypter encryption using standard approaches leads to heavy computation costs and long ciphertext which grows as the receiver group expands. This consumes much precious bandwidth in wireless environment, such as mobile ad hoc network. In this paper, we propose an efficient identity based multi-decrypter encryption scheme, which needs only one or zero (if precomputed) pairing computation and the ciphertext contains only three group elements no matter how many the receivers are. Moreover, we give a formal security definition for the scheme, and prove the scheme to be chosen ciphertext secure in the random oracle model, and discuss how to modify the scheme to resist chosen ciphertext attack.