ABSTRACT
Since broadcast encryption was first introduced in 1993 by Fiat and Naor, many broadcast encryption schemes have been developed. Among these, schemes based on tree structure and linear structure are notable. The subset difference (SD) scheme and layered subset difference (LSD) scheme based on tree structure have small user-key size and small transmission overhead when the number r of revoked users is very small. The punctured interval (PI) scheme based on linear (or circular) structure has better transmission overhead when r is not too small.In this paper, we propose a new broadcast encryption scheme, called the tree-based circle (TC) scheme, combining tree structure and circular structure. In this scheme, the transmission overhead is proportional to r like in the SD scheme for small r and becomes asymptotically same as that of the PI scheme when r grows, keeping the computation cost and the storage size small. The TC scheme also inherits the flexibility of the PI scheme. We further improve the transmission overhead of the TC scheme, when r is very small, by adopting the notion of cascade arc.
- J. H. Cheon, N.-S. Jho, M.-H. Kim, and E. S. Yoo. Skipping, Cascade, and Combined Chain Schemes for Broadcast Encryption. In http://eprint.iacr.org/2005/136, 2005]]Google Scholar
- A. Fiat and M. Naor. Broadcast encryption. In Advances in Cryptology - Crypto'93, Lecture Notes in Computer Science 773, pages 480--491, 1993.]] Google ScholarDigital Library
- M. Goodrich, J. Sun, and R. Tamassia. Efficient tree-based revocation in groups of low-state devices. In Advances in Cryptology - Crypto'04, Lecture Notes in Computer Science 3152, pages 511--527, 2004.]]Google Scholar
- D. Halevi and A. Shamir. The lsd broadcast encryption scheme. In Advances in Crytology - Crypto'02, Lecture Notes in Computer Science 2442, pages 47--60, 2002.]] Google ScholarDigital Library
- N.-S. Jho, J. Y. Hwang, J. H. Cheon, M.-H. Kim, D. H. Lee, and E. S. Yoo. One-way chain based broadcast encryption schemes. In Advances in Cryptology - Eurocrypt'05, Lecture Notes in Computer Science 3494, pages 559--574, 2005.]] Google ScholarDigital Library
- R. Kumar, S. Rajagopalan, and A. Sahai. Coding constructions for blacklisting problems without computational assumptions. In Advances in Cryptology - Crypto'99, Lecture Notes in Computer Science 1666, pages 609--623, 1999.]] Google ScholarDigital Library
- D. Naor, M. Naor, and J. Lotspiech. Revocation and tracing schemes for stateless receivers. In Advances in Cryptology - Crypto'01, Lecture Notes in Computer Science 2139, pages 41--62, 2001.]] Google ScholarDigital Library
- M. Naor and B. Pinkas. Efficient trace and revoke schemes. In Financial Cryptography'00, Lecture Notes in Computer Science 1962, pages 1--20, 2000.]] Google ScholarDigital Library
Index Terms
- New broadcast encryption scheme using tree-based circle
Recommendations
A Lightweight Tree Based One-Key Broadcast Encryption Scheme
Broadcast encryption technology enables a sender to send information securely to a group of receivers excluding specified receivers over a broadcast channel. In this paper, we propose a new key-tree structure based on Rabin cryptosystem, and an access ...
Chosen-ciphertext secure bidirectional proxy broadcast re-encryption schemes
A proxy re-encryption PRE scheme supports the delegation of decryption rights via a proxy, who makes the ciphertexts decryptable by the delegatee. However, how to structure a chosen-ciphertext secure proxy re-encryption scheme without pair is still an ...
Efficient Anonymous Identity-Based Broadcast Encryption without Random Oracles
Broadcast encryption provides a method of secure multi-receiver communications, where a broadcaster can encrypt a message for a set S of users who are listening to a broadcast channel. Most identity-based broadcast encryption (IBBE) schemes are not ...
Comments