Cryptology ePrint Archive: Report 2007/329

A Tunable Broadcast Encryption Scheme

David Lubicz and Thomas Sirvent

Abstract: In this paper, we describe yet another broadcast encryption scheme for stateless receivers. The main difference between our scheme and the classical schemes derived from the complete subtree and its subsequent improvements is that in our scheme the group management is based upon a more adaptable data structure. In these classical schemes, users must be spread on a tree structure where each level of the tree is associated to some distinguishing property of the users. The fact that the underlying data structure is a fixed tree is a strong limitation for some applications where an operator wants to select users very dynamically following criterions with changing levels of priority. Our scheme may be thought as if in the complete subtree it would be possible to exchange the different level of the tree in order to make it very efficient to revoke or select a class of users. It is also very efficient in the cases where there exists very unbalanced groups of users.

This scheme allows one to select or revoke users by sending ciphertexts of linear size with respect to the number of groups which is in general far less than the number of users. Moreover, by using a specific group repartition, it is possible to recover a tree structure in order to apply the classical methods which guarantee that our scheme is in general as efficient as a usual ones.

We prove that our scheme is fully collusion secure in the generic group with pairing model.

Category / Keywords: cryptographic protocols /

Date: received 20 Aug 2007

Contact author: david lubicz at univ-rennes1 fr

Available format(s): PDF | BibTeX Citation

Version: 20070822:184704 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]