TY - JOUR
T1 - Public key broadcast encryption schemes with shorter transmissions
AU - Park, Jong Hwan
AU - Kim, Hee Jean
AU - Sung, Maeng Hee
AU - Lee, Dong Hoon
N1 - Funding Information:
Manuscript received January 2, 2007; revised January 29, 2008. First published March 21, 2008; last published August 20, 2008 (projected). This work was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Advancement) (IITA-2008-(C1090-0801-0025)).
PY - 2008/9
Y1 - 2008/9
N2 - Broadcast encryption allows a sender to securely distribute messages to a dynamically changing set of users over an insecure channel. In a public key broadcast encryption (PKBE) scheme, this encryption is performed in the public key setting, where the public key is stored in a user's device, or directly transmitted to the receivers along with ciphertexts. In this paper, we propose two PKBE schemes for stateless receivers which are transmission-efficient. A distinctive feature in our first construction is that, different than existing schemes in the literature, only a fraction of the public key related to the set of intended receivers is required in the decryption process. This feature results in the first PKBE scheme with O(r) transmission cost and O(1) user storage cost for v revoked users. Our second construction is a generalized version of the first one providing a tradeoff between ciphertext size and public key size. With appropriate parametrization, we obtain a PKBE scheme with O(√n) transmission cost and O(1) user storage cost for any large set of n users. The transmission cost of our second scheme is at least 30\% less than that of the recent result of Boneh et al.'s PKBE scheme, which is considered as being the current state-of-the-art. By combining the two proposed schemes, we suggest a PKBE scheme that achieves further shortened transmissions, while still maintaining O(1) user storage cost. The proposed schemes are secure against any number of colluders and do not require costly re-keying procedures followed by revocation of users.
AB - Broadcast encryption allows a sender to securely distribute messages to a dynamically changing set of users over an insecure channel. In a public key broadcast encryption (PKBE) scheme, this encryption is performed in the public key setting, where the public key is stored in a user's device, or directly transmitted to the receivers along with ciphertexts. In this paper, we propose two PKBE schemes for stateless receivers which are transmission-efficient. A distinctive feature in our first construction is that, different than existing schemes in the literature, only a fraction of the public key related to the set of intended receivers is required in the decryption process. This feature results in the first PKBE scheme with O(r) transmission cost and O(1) user storage cost for v revoked users. Our second construction is a generalized version of the first one providing a tradeoff between ciphertext size and public key size. With appropriate parametrization, we obtain a PKBE scheme with O(√n) transmission cost and O(1) user storage cost for any large set of n users. The transmission cost of our second scheme is at least 30\% less than that of the recent result of Boneh et al.'s PKBE scheme, which is considered as being the current state-of-the-art. By combining the two proposed schemes, we suggest a PKBE scheme that achieves further shortened transmissions, while still maintaining O(1) user storage cost. The proposed schemes are secure against any number of colluders and do not require costly re-keying procedures followed by revocation of users.
KW - Bilinear pairings
KW - Broadcast encryption
KW - Copy-right protection
KW - Key distribution
KW - Strong Diffie-Hellman tuples
UR - http://www.scopus.com/inward/record.url?scp=50549101800&partnerID=8YFLogxK
U2 - 10.1109/TBC.2008.919940
DO - 10.1109/TBC.2008.919940
M3 - Article
AN - SCOPUS:50549101800
VL - 54
SP - 401
EP - 411
JO - IEEE Transactions on Broadcasting
JF - IEEE Transactions on Broadcasting
SN - 0018-9316
IS - 3
M1 - 4475818
ER -