**BESTIE: Broadcast Encryption Scheme for Tiny IoT Equipments**

*Jiwon Lee and Jihye Kim and Hyunok Oh*

**Abstract: **In public key broadcast encryption, anyone can securely transmit a message to a group of receivers such that privileged users can decrypt it. The three important parameters of the broadcast encryption scheme are the length of the ciphertext, the size of private/public key, and the performance of encryption/decryption. It is suggested to decrease them as much as possible, however, it turns out that decreasing one increases the other in most schemes.

This paper proposes a new broadcast encryption scheme for tiny IoT equipments (BESTIE), minimizing the private key size in each user. In the proposed scheme, the private key size is O(log n), the public key size is O(log n), the encryption time per subset is O(log n), the decryption time is O(log n), and the ciphertext text size is O(r), where n denotes the maximum number of users and r indicates the number of revoked users. The proposed scheme is the first subset difference based broadcast encryption scheme to reduce the private size O(log n) without sacrificing the other parameters. We prove that our proposed scheme is secure under q-Simplified Multi-Exponent Bilinear Diffie-Hellman (q-SMEBDH) in the standard model.

**Category / Keywords: **public-key cryptography / Broadcast encryption, public-key encryption, subset difference, short key

**Date: **received 12 Nov 2019

**Contact author: **jiwonlee at hanyang ac kr, jihyek at kookmin ac kr, hoh at hanyang ac kr

**Available format(s): **PDF | BibTeX Citation

**Version: **20191113:104012 (All versions of this report)

**Short URL: **ia.cr/2019/1311

[ Cryptology ePrint archive ]