CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Secure group communications using key graphs
IEEE/ACM Transactions on Networking (TON)
Communications of the ACM
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Directed Signatures and Application to Threshold Cryptosystems
Proceedings of the International Workshop on Security Protocols
Efficient Trace and Revoke Schemes
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Key Establishment in Large Dynamic Groups Using One-Way Function Trees
IEEE Transactions on Software Engineering
Efficiency improvements for signature schemes with tight security reductions
Proceedings of the 10th ACM conference on Computer and communications security
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
A fully collusion resistant broadcast, trace, and revoke system
Proceedings of the 13th ACM conference on Computer and communications security
Secure Distributed Key Generation for Discrete-Log Based Cryptosystems
Journal of Cryptology
Ad-Hoc Threshold Broadcast Encryption with Shorter Ciphertexts
Electronic Notes in Theoretical Computer Science (ENTCS)
Dynamic Threshold Public-Key Encryption
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Asymmetric Group Key Agreement
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Adaptive Security in Broadcast Encryption Systems (with Short Ciphertexts)
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
A threshold cryptosystem without a trusted party
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Efficient communication-storage tradeoffs for multicast encryption
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Fault tolerant and distributed broadcast encryption
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
CCA2-secure threshold broadcast encryption with shorter ciphertexts
ProvSec'07 Proceedings of the 1st international conference on Provable security
Threshold public-key encryption with adaptive security and short ciphertexts
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Hierarchical identity based encryption with constant size ciphertext
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Fully collusion resistant traitor tracing with short ciphertexts and private keys
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Skipping, Cascade, and Combined Chain Schemes for Broadcast Encryption
IEEE Transactions on Information Theory
Hi-index | 0.01 |
Broadcast encryption schemes rely on a centralized authority to generate decryption keys for each user. It is observed that, when a broadcast encryption scheme is deployed for secret escrows, a dishonest dealer can read the escrowed secrets without leaving any witnesses. We present a new broadcast encryption paradigm referred to as fully distributed broadcast encryption (FDBE) without suffering from this vulnerability. In the new paradigm, there are multiple dealers, and by contacting a number of them equal to a threshold or more, any user can join the system; then the secrets can be encrypted to any subset of users and only the intended receivers can decrypt, while an attacker cannot get any information about the encrypted message even if the attacker controls all the users outside the receiver set and corrupts some dealers, provided that the number of corrupted dealers is less than a threshold. We realize the first fully distributed broadcast encryption scheme which is proven secure under the decision Bilinear Diffie-Hellman Exponentiation assumption in the standard model. A variant is also shown to achieve sub-linear complexity in terms of public key, decryption key and ciphertext, comparable to up-to-date regular broadcast encryption schemes without robustness and strong security against misbehaving dealers.