Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Fully CCA2 secure identity based broadcast encryption without random oracles
Information Processing Letters
Identity-based broadcast encryption with constant size ciphertexts and private keys
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Efficient identity-based encryption without random oracles
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Practical identity-based encryption without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Direct CCA secure identity-based broadcast encryption
NSS'12 Proceedings of the 6th international conference on Network and System Security
Hi-index | 0.89 |
Identity based broadcast encryption allows a centralized transmitter to send encrypted messages to a set of identities S, so that only the users with identity in S can decrypt these ciphertexts using their respective private key. Recently [Information Processing Letters 109 (2009)], an identity-based broadcast encryption scheme was proposed (Ren and Gu, 2009) [1], and it was claimed to be fully chosen-ciphertext secure without random oracles. However, by giving a concrete attack, we indicate that this scheme is even not chosen-plaintext secure.