Sciweavers

PROVSEC
2007
Springer

CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts

14 years 6 months ago
CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts
In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a set of n receivers and a threshold t, and then encrypts a message by using the public keys of all the receivers, in such a way that the original plaintext can be recovered only if at least t receivers cooperate. Previously proposed threshold broadcast encryption schemes have ciphertexts whose length is O(n). In this paper, we propose new schemes, for both PKI and identity-based scenarios, where the ciphertexts’ length is O(n − t). The construction uses secret sharing techniques and the Canetti-Halevi-Katz transformation to achieve chosen-ciphertext security. The security of our schemes is formally proved under the Decisional Bilinear Diffie-Hellman (DBDH) Assumption.
Vanesa Daza, Javier Herranz, Paz Morillo, Carla R&
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where PROVSEC
Authors Vanesa Daza, Javier Herranz, Paz Morillo, Carla Ràfols
Comments (0)