Adaptive CCA broadcast encryption with constant-size secret keys and ciphertexts

Abstract : We consider designing public-key broadcast encryption schemes with constant-size secret keys and ciphertexts, achieving chosen-ciphertext security. We first argue that known CPA-to-CCA transforms currently do not yield such schemes. We then propose a scheme, modifying a previous selective CPA secure proposal by Boneh, Gentry, and Waters. Our scheme has constant-size secret keys and ciphertexts, and we prove that it is selective chosen-ciphertext secure based on standard assumptions. Our scheme has ciphertexts that are shorter than those of the previous CCA secure proposals. Then, we propose a second scheme that provides the functionality of both broadcast encryption and revocation schemes simultaneously using the same set of parameters. Finally, we show that it is possible to prove our first scheme adaptive chosen-ciphertext secure under reasonable extensions of the bilinear Diffie-Hellman exponent and the knowledge-of-exponent assumptions. We prove both of these extended assumptions in the generic group model. Hence, our scheme becomes the first to achieve constant-size secret keys and ciphertexts (both asymptotically optimal) and adaptive chosen-ciphertext security at the same time.
Type de document :
Article dans une revue
International Journal of Information Security, Springer Verlag, 2013, 12 (4), pp.251-265. 〈10.1007/s10207-013-0190-0〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00864357
Contributeur : Duong Hieu Phan <>
Soumis le : samedi 21 septembre 2013 - 00:29:37
Dernière modification le : vendredi 25 mai 2018 - 12:02:05

Identifiants

Citation

Duong Hieu Phan, David Pointcheval, Siamak Fayyaz Shahandashti, Mario Strefler. Adaptive CCA broadcast encryption with constant-size secret keys and ciphertexts. International Journal of Information Security, Springer Verlag, 2013, 12 (4), pp.251-265. 〈10.1007/s10207-013-0190-0〉. 〈hal-00864357〉

Partager

Métriques

Consultations de la notice

380