International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts

Authors:
Vanesa Daza
Javier Herranz
Carla Ràfols
Paz Morillo
Download:
URL: http://eprint.iacr.org/2007/127
Search ePrint
Search Google
Abstract: In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a set of $n$ receivers and a threshold $t$, and then encrypts a message by using the public keys of all the receivers, in such a way that the original plaintext can be recovered only if at least $t$ receivers cooperate. Previously proposed threshold broadcast encryption schemes have ciphertexts whose length is $\O(n)$. In this paper, we propose new schemes, for both PKI and identity-based scenarios, where the ciphertexts' length is $\O(n-t)$. The construction uses secret sharing techniques and the Canetti-Halevi-Katz transformation to achieve chosen-ciphertext security. The security of our schemes is formally proved under the Decisional Bilinear Diffie-Hellman (DBDH) Assumption.
BibTeX
@misc{eprint-2007-13409,
  title={CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / threshold broadcast encryption, ad-hoc groups, secret sharing},
  url={http://eprint.iacr.org/2007/127},
  note={ jherranz@iiia.csic.es 13607 received 4 Apr 2007},
  author={Vanesa Daza and Javier Herranz and Carla Ràfols and Paz Morillo},
  year=2007
}