Cryptology ePrint Archive: Report 2007/217
Identity-Based Broadcast Encryption
Ryuichi Sakai and Jun Furukawa
Abstract: Broadcast encryption schemes enable senders to efficiently broadcast
ciphertexts to a large set of receivers in a way that only non-revoked
receivers can decrypt them.
Identity-based encryption schemes are public key encryption schemes
that can use arbitrary strings as public keys.
We propose the first public key broadcast encryption scheme that can
use any string as a public key of each receiver. That is,
identity-based broadcast encryption scheme.
Our scheme has many desirable properties. The scheme is fully collusion
resistant, and the size of ciphertexts and that of private key are small
constants. The size of public key is proportional to only the maximum
number of receiver sets to each of which the ciphertext is sent. Note
that its size remains to be so although the number of potential
receivers is super-polynomial size.
Besides these properties, the achieving the first practical
identity-based broadcast encryption scheme itself is the most
interesting point of this paper.
The security of our scheme is proved in the generic bilinear group
Category / Keywords: public-key cryptography / broadcast encryption, ID based encryption, bilinear map, revocation
Date: received 6 Jun 2007, last revised 13 Jun 2007
Contact author: sakai at isc osakac ac jp
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20070613:063701 (All versions of this report)
Short URL: ia.cr/2007/217
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]