Abstract
An \((\le n,\le \omega )\)-one-time secure broadcast encryption scheme (BES) allows a sender to specify any subset of receivers so that only the specified receivers can decrypt a ciphertext. In this paper, we first show an efficient construction of a BES with general ciphertext sizes. Specifically, we propose a generic construction of a BES from key predistribution systems (KPSs) when its ciphertext size is equal to an integer multiple of the plaintext size, and our construction includes all known constructions. However, there are many possible combinations of the KPSs to realize the BES in our construction methodology, and therefore we show which combination is the best one in the sense that the secret-key size can be minimized.
Deriving a tight bound on the secret-key size required for \((\le n,\le \omega )\)-one-time secure BES with any ciphertext size still remains an open problem. Our result also means that we first show an upper bound on the size of secret keys for general ciphertext sizes.
Notes
1. Unconditionally secure protocols usually require long secret keys, and therefore it is important to show the minimal key size (i.e. derive a tight lower bound on the secret-key size).
2. In general, for deriving a tight bound, it is necessary to show upper/lower bounds with tightness.
3. Although uk is not explicitly described in several papers on KPSs [2, 4, 5, 12, 14], we introduce uk for measuring the actual sizes of the secret keys which the TA has to generate. It is reasonable to consider uk since Blundo and Cresti [3] also dealt with uk in another context. We note that uk is actually not used in the scheme, and hence we do not explicitly describe it in the output. We can also see uk as a deterministic function for deriving secret keys \(uk_1,\ldots ,uk_n\).
4. For example, when \(n=9\), \(\delta =3\), and \(\ell _i=3 \ (i=1,2,3)\), then \(\mathcal {U}_1:=\{U_1,U_2,U_3\}\), \(\mathcal {U}_2:=\{U_4,U_5,U_6\}\), and \(\mathcal {U}_3:=\{U_7,U_8,U_9\}\).
5. \(\varvec{L}\) is said to be even when \(\ell _1-\ell _\delta =0\) if \(n/\delta \in \mathbb {N}\) or \(\ell _1-\ell _\delta =1\) if \(n/\delta \notin \mathbb {N}\).
References
Berkovits, S.: How to broadcast a secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)
Blom, R.: An optimal class of symmetric key generation systems. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 335–338. Springer, Heidelberg (1985)
Blundo, C., Cresti, A.: Space requirements for broadcast encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 287–298. Springer, Heidelberg (1995)
Blundo, C., Frota Mattos, L.A., Stinson, D.R.: Trade-offs between communication and storage in unconditionally secure schemes for broadcast encryption and interactive key distribution. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 387–400. Springer, Heidelberg (1996)
Blundo, C., De Santis, A., Herzberg, A., Kutten, S., Vaccaro, U., Yung, M.: Perfectly-secure key distribution for dynamic conferences. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 471–486. Springer, Heidelberg (1993)
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)
Chen, H., Ling, S., Padró, C., Wang, H., Xing, C.: Key predistribution schemes and one-time broadcast encryption schemes from algebraic geometry codes. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 263–277. Springer, Heidelberg (2009)
Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003)
Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)
Garay, J.A., Staddon, J., Wool, A.: Long-lived broadcast encryption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, p. 333. Springer, Heidelberg (2000)
Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009)
Kurosawa, K., Yoshida, T., Desmedt, Y.G., Burmester, M.: Some bounds and a construction for secure broadcast encryption. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 420–433. Springer, Heidelberg (1998)
Luby, M., Staddon, J.: Combinatorial bounds for broadcast encryption. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 512–526. Springer, Heidelberg (1998)
Matsumoto, T., Imai, H.: On the key predistribution system: a practical solution to the key distribution problem. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 185–193. Springer, Heidelberg (1988)
Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)
Padró, C., Gracia, I., Martín, S.: Improving the trade-off between storage and communication in broadcast encryption schemes. Discrete Appl. Math. 143(1–3), 213–220 (2004)
Padró, C., Gracia, I., Martín, S., Morillo, P.: Linear broadcast encryption schemes. Discrete Appl. Math. 128(1), 223–238 (2003)
Phan, D.H., Pointcheval, D., Strefler, M.: Security notions for broadcast encryption. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 377–394. Springer, Heidelberg (2011)
Acknowledgments
We would like to thank anonymous referees for their helpful comments. We would also like to thank Shota Yamada and Goichiro Hanaoka for their valuable comments for the preliminary version of this paper. The first author is supported by JSPS Research Fellowships for Young Scientists. This work (Yohei Watanabe) was supported by Grant-in-Aid for JSPS Fellows Grant Number 25\(\cdot \)3998. This work (Junji Shikata) was supported by JSPS KAKENHI Grant Number 15H02710, and it was partially conducted under the auspices of the MEXT Program for Promoting the Reform of National Universities.
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Watanabe, Y., Shikata, J. (2015). Constructions of Unconditionally Secure Broadcast Encryption from Key Predistribution Systems with Trade-Offs Between Communication and Storage. In: Au, MH., Miyaji, A. (eds) Provable Security. ProvSec 2015. Lecture Notes in Computer Science, vol 9451. Springer, Cham. https://doi.org/10.1007/978-3-319-26059-4_27
DOI: https://doi.org/10.1007/978-3-319-26059-4_27
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26058-7
Online ISBN: 978-3-319-26059-4
eBook Packages: Computer Science, Computer Science (R0)