Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption

Baek, Joonsang; Safavi–Naini, Reihaneh; Susilo, Willy

doi:10.1007/978-3-540-30580-4_26

Cited by 132 publications

(162 citation statements)

References 22 publications

Supporting

Mentioning

161

Contrasting

Unclassified

Order By: Relevance

“…The probability for B to output e (g, g) abc is denoted as Adv c-bdh-gap B,(e,G,GT ) (λ) (the advantage of B in the computational BDH game with gap on G T ). Note that the above assumption is different from the Gap Bilinear Diffie-Hellman Assumption [6].…”

Section: Computational Bilinear Diffie-hellman Assumption With Gap Onmentioning

confidence: 99%

Attribute-Based Identification: Definitions and Efficient Constructions

Anada

Arita

Handa

et al. 2013

Information Security and Privacy

View full text Add to dashboard Cite

Abstract. We propose a notion of attribute-based identification (ABID) in two flavors: prover-policy ABID (PP-ABID) and verifierpolicy ABID (VP-ABID). In a PP-ABID scheme, a prover has an authorized access policy written as a boolean formula over attributes, while each verifier maintains a set of attributes. The prover is accepted when his access policy fits the verifier's set of attributes. In a VP-ABID scheme, a verifier maintains an access policy written as a boolean formula over attributes, while each prover has a set of authorized attributes. The prover is accepted when his set of attributes satisfies the verifier's access policy. Our design principle is first to construct keypolicy and ciphertext-policy attribute-based key encapsulation mechanisms (KP-ABKEM and CP-ABKEM). Second, we convert KP-ABKEM and CP-ABKEM into challenge-and-response PP-ABID and VP-ABID, respectively, by encapsulation-and-decapsulation. There, we show that KP-ABKEM and CP-ABKEM only have to be secure against chosenciphertext attacks on one-wayness (OW-CCA secure) for the obtained PP-ABID and VP-ABID to be secure against concurrent man-in-themiddle attacks (cMiM secure). According to the design principle, we construct concrete KP-ABKEM and CP-ABKEM with the OW-CCA security by enhancing the KP-ABKEM of Ostrovsky, Sahai and Waters and CP-ABKEM of Waters, respectively. Finally, we obtain concrete PP-ABID and VP-ABID schemes that are proved to be selectively secure in the standard model against cMiM attacks.

show abstract

Section: Computational Bilinear Diffie-hellman Assumption With Gap Onmentioning

confidence: 99%

Attribute-Based Identification: Definitions and Efficient Constructions

Anada

Arita

Handa

et al. 2013

Information Security and Privacy

View full text Add to dashboard Cite

show abstract

“…This notion was introduced in [1] and a non-trivial construction based on the Boneh-Franklin IBE (BF-IBE) was provided. The construction was proved to be secure in the selective-ID model under the random oracle assumption.…”

Section: Multi-receiver Ibementioning

confidence: 99%

“…Multiple receiver IBE (MR-IBE) is an interesting concept which was introduced by Baek, SafaviNaini and Susilo [1]. In an MR-IBE, an encryptor can encrypt a message in such a way that any one of a set of identities can decrypt the message.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Generalization of the Selective-ID Security Model for HIBE Protocols

Chatterjee

Sarkar

2006

Public Key Cryptography - PKC 2006

View full text Add to dashboard Cite

Abstract. We generalize the selective-ID security model for HIBE by introducing two new security models. Broadly speaking, both these models allow the adversary to commit to a set of identities and in the challenge phase choose any one of the previously committed identities. Two constructions of HIBE are presented which are secure in the two models. Further, we show that the HIBEs can be modified to obtain a multiple receiver IBE which is secure in the selective-ID model without the random oracle assumption.

show abstract

“…[7] 提出以后,出现了一些基于身份的多接收者公钥加密方案,如 Chen [8] 和 Smart [9] 等人的方案.但是,这些工作都没有给出适当的形式化安全性模型及安全性证明.Mu [10] 和 Baek [11] …”

unclassified

Multi-Recipient Public Key Encryption Scheme Based on Weil Pairing

Lu¹

2008

Journal of Software

View full text Add to dashboard Cite

This paper proposes a multiple-recipient public key encryption, called pairing-based multi-recipient encryption (PBMRE). The proposed scheme is constructed on Weil pairing on elliptic curves and the Shamir's secrets sharing scheme. As a result, a private key for decryption can be converted to multiple users' private keys by secrets sharing, and reconstructed by the bilinear property of Weil Pairing in decryptions. Through an analysis, it is shown that this scheme is efficient and can effectively defend against deciphers' collaborating. Based on the Gap-BDH (gap-bilinear Diffie-Hellman) assumption and the random oracle model, a strict security proof is presented stating that the scheme has the indistinguishability under adaptive chosen ciphertext attack, 简称 (IND-CCA2).

show abstract

Efficient Multi-receiver Identity-Based Encryption and Its Application to Broadcast Encryption

Cited by 132 publications

References 22 publications

Attribute-Based Identification: Definitions and Efficient Constructions

Attribute-Based Identification: Definitions and Efficient Constructions

Generalization of the Selective-ID Security Model for HIBE Protocols

Multi-Recipient Public Key Encryption Scheme Based on Weil Pairing

Contact Info

Product

Resources

About