## Cryptology ePrint Archive: Report 2001/071

Multi-Recipient Public-Key Encryption with Shortened Ciphertext

Kaoru Kurosawa

Abstract: In the trivial $n$-recipient public-key encryption scheme, a ciphertext is a concatenation of independently encrypted messages for $n$ recipients. In this paper, we say that an $n$-recipient scheme has a {\it shortened ciphertext}'' property if the length of the ciphertext is almost a half (or less) of the trivial scheme and the security is still almost the same as the underlying single-recipient scheme. We first present (multi-plaintext, multi-recipient) schemes with the {\it shortened ciphertext}'' property for ElGamal scheme and Cramer-Shoup scheme. We next show (single-plaintext, multi-recipient) hybrid encryption schemes with the {\it shortened ciphertext}'' property.

Category / Keywords: public-key cryptography / public-key cryptography, multi-user setting

Date: received 21 Aug 2001, last revised 15 Jan 2002

Contact author: kurosawa at cis ibaraki ac jp

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Note: This paper has been accepted by PKC'2002. A previous version was revised according to the reviewers' comments.

Short URL: ia.cr/2001/071

[ Cryptology ePrint archive ]