Cryptology ePrint Archive: Report 2018/391

Tight Adaptively Secure Broadcast Encryption with Short Ciphertexts and Keys

Romain Gay and Lucas Kowalczyk and Hoeteck Wee

Abstract: We present a new public key broadcast encryption scheme where both the ciphertext and secret keys consist of a constant number of group elements. Our result improves upon the work of Boneh, Gentry, and Waters (Crypto '05) as well as several recent follow-ups (TCC '16-A, Asiacrypt '16) in two ways: (i) we achieve adaptive security instead of selective security, and (ii) our construction relies on the decisional $k$-Linear Assumption in prime-order groups (as opposed to $q$-type assumptions or subgroup decisional assumptions in composite-order groups); our improvements come at the cost of a larger public key. Finally, we show that our scheme achieves adaptive security in the multi-ciphertext setting with a security loss that is independent of the number of challenge ciphertexts.

Category / Keywords: public-key cryptography / broadcast encryption, bilinear group

Date: received 30 Apr 2018

Contact author: luke at cs columbia edu

Available format(s): PDF | BibTeX Citation

Version: 20180501:121453 (All versions of this report)

Short URL: ia.cr/2018/391


[ Cryptology ePrint archive ]