Paper 2005/018

Collusion Resistant Broadcast Encryption With Short Ciphertexts and Private Keys

Dan Boneh, Craig Gentry, and Brent Waters


We describe two new public key broadcast encryption systems for stateless receivers. Both systems are fully secure against any number of colluders. In our first construction both ciphertexts and private keys are of constant size (only two group elements), for any subset of receivers. The public key size in this system is linear in the total number of receivers. Our second system is a generalization of the first that provides a tradeoff between ciphertext size and public key size. For example, we achieve a collusion resistant broadcast system for n users where both ciphertexts and public keys are of size O(sqrt(n)) for any subset of receivers. We discuss several applications of these systems.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
dabo @ cs stanford edu
2005-03-12: revised
2005-01-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dan Boneh and Craig Gentry and Brent Waters},
      title = {Collusion Resistant Broadcast Encryption With Short Ciphertexts and Private Keys},
      howpublished = {Cryptology ePrint Archive, Paper 2005/018},
      year = {2005},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.