Generic Transformation for Scalable Broadcast Encryption Schemes

Hwang, Jung Yeon; Lee, Dong Hoon; Lim, Jongsik

doi:10.1007/11535218_17

Cited by 20 publications

(9 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Broadcast center in private encryption based schemes can know or deduce every user's private key, and all the keys for one user has to be kept in secret memory. Most of the schemes [13] are in private encryption way. As to public encryption based schemes, the broadcast center doesn't need users' private key set, only the public keys can finish the ciphertext generation.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Novel Broadcast Encryption Scheme Based on SD Scheme Reconstruction

Zhang

Yang

2007

2007 Second International Conference on Communications and Networking in China

View full text Add to dashboard Cite

In this paper, we introduce a novel way to solve the tradeoff problem about communication/storage/computation overhead of broadcast encryption scheme. We construct a new scheme based on Subset Difference (SD) scheme, use concept of RSA accumulator and the idea of separating the user-side device into different function parts, take advantage of the public device's functionality, minimize the storage and computation overhead of the private device, and make the broadcast encryption scheme more implementation-oriented.

show abstract

Section: A Related Workmentioning

confidence: 99%

“…Their subset deduction procedure always can be seen as forming an interval from a line. The chain-based schemes include Skipping/Cascade/Combined chain (SCCC) scheme [12], HLL scheme [13], Log-key [14]scheme and so on.…”

Section: A Related Workmentioning

confidence: 99%

A Novel Broadcast Encryption Scheme Based on SD Scheme Reconstruction

Zhang

Yang

2007

2007 Second International Conference on Communications and Networking in China

View full text Add to dashboard Cite

show abstract

“…Alternatively, we could use a one-to-many or many-to-many stateless broadcast encryption scheme [32,38,27,25], which ensures that re-keying is infrequent and that many possible subsets can be generated with little computational effort. At this point, we did not see any direct advantage of using such approaches over simply deriving the group key for a conversation from the content of the initial Direct Message in that conversation.…”

Section: Protecting Privacymentioning

confidence: 99%

Enabling private conversations on Twitter

Singh

Butkiewicz

Madhyastha

et al. 2012

Proceedings of the 28th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

User privacy has been an increasingly growing concern in online social networks (OSNs). While most OSNs today provide some form of privacy controls so that their users can protect their shared content from other users, these controls are typically not sufficiently expressive and/or do not provide fine-grained protection of information. In this paper, we consider the introduction of a new privacy control-group messaging on Twitter, with users having finegrained control over who can see their messages. Specifically, we demonstrate that such a privacy control can be offered to users of Twitter today without having to wait for Twitter to make changes to its system. We do so by designing and implementing Twitsper, a wrapper around Twitter that enables private group communication among existing Twitter users while preserving Twitter's commercial interests. Our design preserves the privacy of group information (i.e., who communicates with whom) both from the Twitsper server as well as from undesired Twitsper users. Furthermore, our evaluation shows that our implementation of Twitsper imposes minimal server-side bandwidth requirements and incurs low client-side energy consumption. Our Twitsper client for Androidbased devices has been downloaded by over 1000 users and its utility has been noted by several media articles.

show abstract

“…We note that a broadcaster possibly sends a message to a huge number of users; hence efficiency in transmission cost has been considered to be a critical measure by service providers. Since Fiat and Naor [1] first formalized broadcast encryption in the symmetric key setting, a large body of work [2]- [8] has been devoted to building efficient broadcast encryption schemes. Until now, the most efficient scheme in the symmetric key setting achieves transmission cost while maintaining user storage cost [4]- [8], where denotes the number of revoked users and denotes the total number of users.…”

Section: Introductionmentioning

confidence: 99%

Public Key Broadcast Encryption Schemes With Shorter Transmissions

Park

Kim

Sung

et al. 2008

IEEE Trans. on Broadcast.

View full text Add to dashboard Cite

Broadcast encryption allows a sender to securely distribute messages to a dynamically changing set of users over an insecure channel. In a public key broadcast encryption (PKBE) scheme, this encryption is performed in the public key setting, where the public key is stored in a user's device, or directly transmitted to the receivers along with ciphertexts. In this paper, we propose two PKBE schemes for stateless receivers which are transmission-efficient. A distinctive feature in our first construction is that, different than existing schemes in the literature, only a fraction of the public key related to the set of intended receivers is required in the decryption process. This feature results in the first PKBE scheme with ( ) transmission cost and (1) user storage cost for revoked users. Our second construction is a generalized version of the first one providing a tradeoff between ciphertext size and public key size. With appropriate parametrization, we obtain a PKBE scheme with ( ) transmission cost and (1) user storage cost for any large set of users. The transmission cost of our second scheme is at least 30\% less than that of the recent result of Boneh et al.'s PKBE scheme, which is considered as being the current state-of-the-art. By combining the two proposed schemes, we suggest a PKBE scheme that achieves further shortened transmissions, while still maintaining (1) user storage cost. The proposed schemes are secure against any number of colluders and do not require costly re-keying procedures followed by revocation of users.

show abstract

Generic Transformation for Scalable Broadcast Encryption Schemes

Cited by 20 publications

References 19 publications

A Novel Broadcast Encryption Scheme Based on SD Scheme Reconstruction

A Novel Broadcast Encryption Scheme Based on SD Scheme Reconstruction

Enabling private conversations on Twitter

Public Key Broadcast Encryption Schemes With Shorter Transmissions

Contact Info

Product

Resources

About