Paper 2019/038

Identity-based Broadcast Encryption with Efficient Revocation

Aijun Ge and Puwen Wei


Identity-based broadcast encryption (IBBE) is an effective method to protect the data security and privacy in multi-receiver scenarios, which can make broadcast encryption more practical. This paper further expands the study of scalable revocation methodology in the setting of IBBE, where a key authority releases a key update material periodically in such a way that only non-revoked users can update their decryption keys. Following the binary tree data structure approach, a concrete instantiation of revocable IBBE scheme is proposed using asymmetric pairings of prime order bilinear groups. Moreover, this scheme can withstand decryption key exposure, which is proven to be semi-adaptively secure under chosen plaintext attacks in the standard model by reduction to static complexity assumptions. In particular, the proposed scheme is very efficient both in terms of computation costs and communication bandwidth, as the ciphertext size is constant, regardless of the number of recipients. To demonstrate the practicality, it is further implemented in Charm, a framework for rapid prototyping of cryptographic primitives.

Available format(s)
Publication info
A minor revision of an IACR publication in PKC 2019
Broadcast encryptionrevocationasymmetric pairingsprovable securityconstant size ciphertext
Contact author(s)
geaijun @ 163 com
2019-04-24: last of 2 revisions
2019-01-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Aijun Ge and Puwen Wei},
      title = {Identity-based Broadcast Encryption with Efficient Revocation},
      howpublished = {Cryptology ePrint Archive, Paper 2019/038},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.